Vulnerability Details : CVE-2014-4501
Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c.
Vulnerability category: Overflow
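The flaw described above is the classic shape of a stack-based overflow: a string supplied by a remote pool server (the URL in a `client.reconnect` message) is copied into a fixed-size stack buffer without a length check. The following C program is an added illustration, not code from sgminer, cgminer or BFGMiner; the function and constant names (`parse_reconnect_url`, `URL_MAX`, `HOST_MAX`) and the limits are assumptions chosen for the example. It shows the bounded way to pull a host and port out of an untrusted reconnect URL: every copy is limited by the destination's capacity and malformed or overlong input is rejected (the sgminer fix referenced below chose truncation instead; either way the buffer bound is honoured).

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative limits; hypothetical, not the miners' own constants. */
#define URL_MAX  256
#define HOST_MAX 64

/* Unsafe shape of the bug, kept as a comment only so it never executes:
 *   char buf[HOST_MAX];
 *   strcpy(buf, url);   // writes past buf once strlen(url) >= HOST_MAX
 */

/* Parse "host:port" or "scheme://host:port" from an untrusted URL into a
 * caller-supplied, bounded buffer. Returns false on any length or format
 * violation instead of writing past the buffer. */
bool parse_reconnect_url(const char *url, char *host, size_t host_cap, int *port)
{
    if (url == NULL || host == NULL || host_cap == 0 || port == NULL)
        return false;

    /* Bound the total length first; strnlen never scans past URL_MAX + 1. */
    size_t len = strnlen(url, URL_MAX + 1);
    if (len == 0 || len > URL_MAX)
        return false;

    /* Skip an optional scheme prefix such as "stratum+tcp://". */
    const char *p = strstr(url, "://");
    p = p ? p + 3 : url;

    /* The last ':' separates host from port; an empty host is rejected. */
    const char *colon = strrchr(p, ':');
    if (colon == NULL || colon == p)
        return false;

    size_t host_len = (size_t)(colon - p);
    if (host_len >= host_cap)            /* leave room for the terminator */
        return false;

    /* Port must be digits only and within 1..65535. */
    char *end = NULL;
    long pv = strtol(colon + 1, &end, 10);
    if (end == colon + 1 || *end != '\0' || pv < 1 || pv > 65535)
        return false;

    /* Only now copy, and only host_len bytes that are known to fit. */
    memcpy(host, p, host_len);
    host[host_len] = '\0';
    *port = (int)pv;
    return true;
}

/* Handle the parameter of a client.reconnect message. Returns 1 if the
 * target was accepted (host/port filled), 0 if it was rejected. */
int handle_reconnect(const char *url_from_pool, char *host, size_t host_cap, int *port)
{
    if (!parse_reconnect_url(url_from_pool, host, host_cap, port)) {
        fprintf(stderr, "rejecting malformed or overlong reconnect URL\n");
        return 0;
    }
    return 1;
}

int main(void)
{
    char host[HOST_MAX];
    int port = 0;

    /* Constructed inputs: a normal reconnect target and an overlong one. */
    const char *normal = "stratum+tcp://pool.example.invalid:3333";
    char overlong[URL_MAX + 64];
    memset(overlong, 'A', sizeof overlong - 1);
    overlong[sizeof overlong - 1] = '\0';

    printf("normal:   %s\n", handle_reconnect(normal, host, sizeof host, &port) ? "accepted" : "rejected");
    printf("overlong: %s\n", handle_reconnect(overlong, host, sizeof host, &port) ? "accepted" : "rejected");
    return 0;
}
```

The essential property is that the destination capacity (`host_cap`) is checked before any byte is copied, and the total input length is bounded before the string is even scanned; a pool that is compromised or malicious can then at worst cause a reconnect to be refused, not a stack corruption.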
Products affected by CVE-2014-4501
- cpe:2.3:a:sgminer_project:sgminer:*:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.1.242:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.1.153:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:sgminer_project:sgminer:4.1.271:*:*:*:*:*:*:*
- cpe:2.3:a:cgminer_project:cgminer:*:*:*:*:*:*:*:*
- cpe:2.3:a:cgminer_project:cgminer:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:cgminer_project:cgminer:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cgminer_project:cgminer:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:cgminer_project:cgminer:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:*:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:bfgminer:bfgminer:3.2.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-4501
- EPSS score: 0.64% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~79% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2014-4501
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
CWE ids for CVE-2014-4501
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-4501
- https://github.com/sgminer-dev/sgminer/commit/b65574bef233474e915fdf18614aa211e31cc6c2 (Patch): Stratum: extract_sockaddr: Truncate overlong addresses rather than st… · sgminer-dev/sgminer@b65574b · GitHub
- https://github.com/ckolivas/cgminer/commit/e1c5050734123973b99d181c45e74b2cbb00272e (Exploit; Patch): Do some random sanity checking for stratum message parsing · ckolivas/cgminer@e1c5050 · GitHub
- https://github.com/sgminer-dev/sgminer/commit/78cc408369bdbbd440196c93574098d1482efbce (Exploit; Patch): stratum: parse_reconnect(): treat pool-sent URL as untrusted. · sgminer-dev/sgminer@78cc408 · GitHub
- http://seclists.org/fulldisclosure/2014/Jul/118: Full Disclosure: CVE-2014-4501 : Stack Overflow in Parsing client.reconnect Message of the Stratum Mining Protocol
- https://github.com/luke-jr/bfgminer/commit/c80ad8548251eb0e15329fc240c89070640c9d79 (Patch): Stratum: extract_sockaddr: Truncate overlong addresses rather than st… · luke-jr/bfgminer@c80ad85 · GitHub