joshua/dash-docs
1
0
Fork 0
mirror of https://github.com/seigler/dash-docs synced 2025-07-27 09:46:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Format "dos" page like the rest of the site, and add links

Browse source
This commit is contained in:
Luke Dashjr 2012-05-15 20:59:16 +00:00
parent b6c5ef11b9
commit e9968acebc
1 changed files with 15 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

29
dos.html
View file

@ -4,39 +4,40 @@ layout: simple
<div class="container"> <div class="container">
<section id="dos"> <section id="dos">
<h1>CVE-2012-2459: Critical Vulnerability (denial-of-service)</h1> <h1>CVE-2012-2459: Critical Vulnerability (denial-of-service)</h1>
<h2>Risks</h2>
<p> <p>
A denial-of-service vulnerability that affects all versions of A denial-of-service vulnerability that affects all versions of
bitcoind and Bitcoin-Qt has been reported and fixed. An attacker bitcoind and Bitcoin-Qt has been reported and fixed. An attacker
could isolate a victim's node and cause the creation of blockchain could isolate a victim's node and cause the creation of blockchain
forks. forks.
</p> </p>
<h2>Solutions</h2>
<p> <p>
Because this bug could be exploited to severely disrupt the Bitcoin Because this bug could be exploited to severely disrupt the Bitcoin
network we consider this a critical vulnerability, and encourage network we consider this a critical vulnerability, and encourage
everybody to upgrade to the latest version: 0.6.2. everybody to upgrade to <a href="https://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.2/">the latest version: 0.6.2</a>.
</p> </p>
<p> <p>
Backports for older releases (0.5.5 and 0.4.6) are also available if <a href="https://bitcointalk.org/?topic=79651">Backports for older releases (0.5.5 and 0.4.6) are also available</a> if
you cannot upgrade to version 0.6.2. you cannot upgrade to version 0.6.2.
</p> </p>
<h2>Technical Details</h2>
<p> <p>
Full technical details are being withheld to give people the Full technical details are being withheld to give people the
opportunity to upgrade. opportunity to upgrade.
</p> </p>
<p> <p>
Thanks to Forrest Voight for discovering and reporting the vulnerability. Thanks to <a href="http://forre.st/">Forrest Voight</a> for discovering and reporting the vulnerability.
</p> </p>
<p> <h2>Questions &amp; Answers</h2>
Questions that might be frequently asked: <h3>
</p>
<p>
How would I know if I am the victim of this attack? How would I know if I am the victim of this attack?
</p> </h3>
<p> <p>
Your bitcoin process would stop processing blocks and would have a Your bitcoin process would stop processing blocks and would have a
different block count from the rest of the network (you can see the different block count from the rest of the network (you can see the
current block count at websites like blockexplorer.com or current block count at websites like <a href="http://blockexplorer.com/">blockexplorer.com</a> or
blockchain.info). Eventually it would display the message: <a href="http://blockchain.info/">blockchain.info</a>). Eventually it would display the message:
</p> </p>
<blockquote>WARNING: Displayed transactions may not be correct! You may need to <blockquote>WARNING: Displayed transactions may not be correct! You may need to
upgrade, or other nodes may need to upgrade.</blockquote> upgrade, or other nodes may need to upgrade.</blockquote>
@ -46,15 +47,15 @@ detects that the rest of the network seems to have a different
block count, which can happen for several reasons unrelated to block count, which can happen for several reasons unrelated to
this vulnerability). this vulnerability).
</p> </p>
<p> <h3>
Could this bug be used to steal my wallet? Could this bug be used to steal my wallet?
</p> </h3>
<p> <p>
No. No.
</p> </p>
<p> <h3>
Could this bug be used to install malware on my system? Could this bug be used to install malware on my system?
</p> </h3>
<p> <p>
No. No.
</p> </p>