CVE-2016-8889

Sažetak

In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.

Reference

http://www.securityfocus.com/bid/94235
https://bitcointalk.org/index.php?topic=1618462.0
https://github.com/bitcoinknots/bitcoin/blob/v0.13.1.knots20161027/doc/release-notes.md

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

29-11-2016 - 19:16

Objavljeno

28-10-2016 - 15:59