ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.
References
Link | Resource |
---|---|
http://fc19.ifca.ai/preproceedings/180-preproceedings.pdf | Technical Description Third Party Advisory |
https://github.com/ColossusCoinXT/ColossusCoinXT/compare/0223904...9666bb8 | Patch |
https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806 |
Configurations
History
07 Nov 2023, 02:55
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-03-21 16:00
Updated : 2024-02-28 17:08
NVD link : CVE-2018-19158
Mitre link : CVE-2018-19158
CVE.ORG link : CVE-2018-19158
JSON object : View
Products Affected
colossusxt
- colossuscoinxt
CWE
CWE-400
Uncontrolled Resource Consumption