joshua/dash-docs
1
0
Fork 0
mirror of https://github.com/seigler/dash-docs synced 2025-07-27 01:36:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
dash-docs/_alerts/2012-05-14-dos.html
David A. Harding 4213d102da
Style: Add anchor links to all subheads 
* Adds Makefile test to ensure all subheadings, except those on Choose
  Your Wallet, have an ID (anchor reference)

* Adds an ID to all subheads that didn't have on previously
2015-04-09 11:30:28 -04:00

65 lines
2.2 KiB
HTML
Raw Blame History

---
title: "CVE-2012-2459: Critical Vulnerability (denial-of-service)"
alias: "dos"
active: false
banner: ""
---
<h2 id="risks">Risks</h2>
<p>
A denial-of-service vulnerability that affects all versions of
bitcoind and Bitcoin-Qt has been reported and fixed. An attacker
could isolate a victim's node and cause the creation of blockchain
forks.
</p>
<h2 id="solutions">Solutions</h2>
<p>
Because this bug could be exploited to severely disrupt the Bitcoin
network we consider this a critical vulnerability, and encourage
everybody to upgrade to <a href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.2/">the latest version: 0.6.2</a>.
</p>
<p>
<a href="https://bitcointalk.org/?topic=79651">Backports for older releases (0.5.5 and 0.4.6) are also available</a> if
you cannot upgrade to version 0.6.2.
</p>
<h2 id="technical-details">Technical Details</h2>
<p>
Full technical details are being withheld to give people the
opportunity to upgrade.
</p>
<p>
Thanks to <a href="http://forre.st/">Forrest Voight</a> for discovering and reporting the vulnerability.
</p>
<h2 id="questions-and-answers">Questions &amp; Answers</h2>
<h3 id="how-do-i-know">
How would I know if I am the victim of this attack?
</h3>
<p>
Your bitcoin process would stop processing blocks and would have a
different block count from the rest of the network (you can see the
current block count at websites like <a href="http://blockexplorer.com/">blockexplorer.com</a> or
<a href="http://blockchain.info/">blockchain.info</a>). Eventually it would display the message:
</p>
<blockquote>WARNING: Displayed transactions may not be correct! You may need to
upgrade, or other nodes may need to upgrade.</blockquote>
<p>
(note that this message is displayed whenever your bitcoin process
detects that the rest of the network seems to have a different
block count, which can happen for several reasons unrelated to
this vulnerability).
</p>
<h3 id="can-my-wallet-be-stolen">
Could this bug be used to steal my wallet?
</h3>
<p>
No.
</p>
<h3 id="can-malware-be-installed">
Could this bug be used to install malware on my system?
</h3>
<p>
No.
</p>
<div style="text-align:right">
<i>This notice last updated: Mon, 14 May 2012 17:00:00 UTC</i>
</div>
Reference in a new issue View git blame Copy permalink