5
CVSSv2

CVE-2018-17144

Published: 19/09/2018 Updated: 09/04/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 451
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Bitcoin Core 0.14.x prior to 0.14.3, 0.15.x prior to 0.15.2, and 0.16.x prior to 0.16.3 and Bitcoin Knots 0.14.x up to and including 0.16.x prior to 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

Vulnerability Trend

Vendor Advisories

Arch Linux Security Advisory ASA-201809-1 ========================================= Severity: Medium Date : 2018-09-22 CVE-ID : CVE-2018-17144 Package : bitcoin-daemon Type : denial of service Remote : Yes Link : securityarchlinuxorg/AVG-766 Summary ======= The package bitcoin-daemon before version 0163-1 is vulnerable to ...
Bitcoin Core 014x before 0143, 015x before 0152, and 016x before 0163 and Bitcoin Knots 014x through 016x before 0163 allow a remote denial of service (application crash) exploitable by miners via duplicate input Any attempts to double-spend a transaction output within a single transaction inside of a block where the output being ...
Arch Linux Security Advisory ASA-201809-2 ========================================= Severity: Medium Date : 2018-09-22 CVE-ID : CVE-2018-17144 Package : bitcoin-qt Type : denial of service Remote : Yes Link : securityarchlinuxorg/AVG-766 Summary ======= The package bitcoin-qt before version 0163-1 is vulnerable to denial o ...

Github Repositories

ruimarinho/bitcoin-core A bitcoin-core docker image Tags 0171, 017, latest (017/Dockerfile) 0171-alpine, 017-alpine (017/alpine/Dockerfile) 0163, 016 (016/Dockerfile) 0163-alpine, 016-alpine (016/alpine/Dockerfile) 0151, 015 (015/Dockerfile) 0151-alpine, 015-alpine (015/alpine/Dockerfile) Picking the right tag ruimarinho/bitcoin-core:

Bitcoin Candy bitcoincandyone What is Bitcoin candy? Bitcoin candy is a hard fork of Bitcoin Cash Compared to Bitcoin Cash, it brings more attractive featuresï¼? (1) ASIC-resistant POW: Equihash; (2) Amount: 21 billion; (3) Block Interval: 2 minutes; (4) Double way replay protection It became a separate currency from the version supported by Bitcoin Cash

ban-exploitable-bitcoin-nodes Ban all denial-of-service vulnerability exploitable nodes from your node CVE-2018-17144 Requirements for the bash script (bansh) Command-line JSON processor jq Install on Debian-based Linux sudo apt-get install jq Download and use the script git clone githubcom/iioch/ban-exploitable-bitcoin-nodesgit Run: cd ban-exploitable-bitcoin-node

Note about Denial-of-Service vulnerability (Sep 21, 2018): A denial-of-service vulnerability (CVE-2018-17144) exploitable by miners Since BitcoinSaving POW Mining was turn off after Block 2,000 & Switching to POS - Bitcoin SavingCoin is safe and not need any code update githubcom/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-0163md#denial-o

Welcome To The Crypto Archives The Crypto Archives is a living resource stewarded by the analysts at Multicoin Capital, a thesis-driven cryptofund that invests in tokens reshaping entire sectors of the global economy It aims to provide a comprehensive archive of technical concepts, case studies, and essays in crypto It traverses consensus algorithms, state machines, zero-kno

CVE Extensions This repository is an extension of our research on cryptocurrency clones and vulnerabilities that takes existing vulnerabilities in major coins and uses clone detection tools as a method of identifying propagations of these vulnerabilities in other coins CVE-2018-17144 A reachable assert statement in Bitcoin Core allows a remote denial of service (application c

PoC of BitcoinCore Denial-Of-Service and DoubleSpending CVE-2018-17144 On 18/19 September, bitcoin Core, the mainstream client of Bitcoin, published an article on the serious security of its code A denial-of-service vulnerability exploitable by miners has been discovered in Bitcoin Core versions 0140 up to 0162 It is recommended to upgrade any of the vulnerable versions t

Welcome To The Crypto Archives The Crypto Archives is a living resource stewarded by the analysts at Multicoin Capital, a thesis-driven cryptofund that invests in tokens reshaping entire sectors of the global economy It aims to provide a comprehensive archive of technical concepts, case studies, and essays in crypto It traverses consensus algorithms, state machines, zero-kno

bitzeny-holders-opinion 以下の内容についてBitZenyホルダーの意見を集めます なおnao20010128naoはCoreDevの一人ですが、あくまでも参考にしかなりません。個人的なものです 最終決定はCoreDevによって行われます 投票方法 ZjaTKHiqLV5wsXBAMvqUFKEjAfzbiRGrNzにOP_RETURN(コメント)とともに少額送金 コメント

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :