joshua/dash-docs
1
0
Fork 0
mirror of https://github.com/seigler/dash-docs synced 2025-07-27 09:46:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #37 from luke-jr/dos_links

Browse source 
Format "dos" page like the rest of the site, and add links
This commit is contained in:
Nils Schneider 2012-05-15 14:08:59 -07:00
commit 335895bcc0
1 changed files with 15 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

29
dos.html
View file

@ -4,39 +4,40 @@ layout: simple
<div class="container">
<section id="dos">
<h1>CVE-2012-2459: Critical Vulnerability (denial-of-service)</h1>
<h2>Risks</h2>
<p>
A denial-of-service vulnerability that affects all versions of
bitcoind and Bitcoin-Qt has been reported and fixed. An attacker
could isolate a victim's node and cause the creation of blockchain
forks.
</p>
<h2>Solutions</h2>
<p>
Because this bug could be exploited to severely disrupt the Bitcoin
network we consider this a critical vulnerability, and encourage
everybody to upgrade to the latest version: 0.6.2.
everybody to upgrade to <a href="https://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.2/">the latest version: 0.6.2</a>.
</p>
<p>
Backports for older releases (0.5.5 and 0.4.6) are also available if
<a href="https://bitcointalk.org/?topic=79651">Backports for older releases (0.5.5 and 0.4.6) are also available</a> if
you cannot upgrade to version 0.6.2.
</p>
<h2>Technical Details</h2>
<p>
Full technical details are being withheld to give people the
opportunity to upgrade.
</p>
<p>
Thanks to Forrest Voight for discovering and reporting the vulnerability.
Thanks to <a href="http://forre.st/">Forrest Voight</a> for discovering and reporting the vulnerability.
</p>
<p>
Questions that might be frequently asked:
</p>
<p>
<h2>Questions &amp; Answers</h2>
<h3>
How would I know if I am the victim of this attack?
</p>
</h3>
<p>
Your bitcoin process would stop processing blocks and would have a
different block count from the rest of the network (you can see the
current block count at websites like blockexplorer.com or
blockchain.info). Eventually it would display the message:
current block count at websites like <a href="http://blockexplorer.com/">blockexplorer.com</a> or
<a href="http://blockchain.info/">blockchain.info</a>). Eventually it would display the message:
</p>
<blockquote>WARNING: Displayed transactions may not be correct! You may need to
upgrade, or other nodes may need to upgrade.</blockquote>
@ -46,15 +47,15 @@ detects that the rest of the network seems to have a different
block count, which can happen for several reasons unrelated to
this vulnerability).
</p>
<p>
<h3>
Could this bug be used to steal my wallet?
</p>
</h3>
<p>
No.
</p>
<p>
<h3>
Could this bug be used to install malware on my system?
</p>
</h3>
<p>
No.
</p>