Vulnerability Description
ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Colossusxt | Colossuscoinxt | <= 1.0.5 |
Related Weaknesses (CWE)
References
- http://fc19.ifca.ai/preproceedings/180-preproceedings.pdfTechnical DescriptionThird Party Advisory
- https://github.com/ColossusCoinXT/ColossusCoinXT/compare/0223904...9666bb8Patch
- https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-
- http://fc19.ifca.ai/preproceedings/180-preproceedings.pdfTechnical DescriptionThird Party Advisory
- https://github.com/ColossusCoinXT/ColossusCoinXT/compare/0223904...9666bb8Patch
- https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-
FAQ
What is CVE-2018-19158?
CVE-2018-19158 is a vulnerability with a CVSS score of 7.5 (HIGH). ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. ...
How severe is CVE-2018-19158?
CVE-2018-19158 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-19158?
Check the references section above for vendor advisories and patch information. Affected products include: Colossusxt Colossuscoinxt.