MidnightBSD

Advisories for hashcash

CVE-2005-0687 HIGH

Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hashcash hashcash 1.15
hashcash hashcash 1.14
hashcash hashcash 1.16
CVE-2006-3251 HIGH

Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
hashcash hashcash 1.15
hashcash hashcash 1.07
hashcash hashcash 1.01
hashcash hashcash 1.18
hashcash hashcash 1.12
hashcash hashcash 1.17
hashcash hashcash 1.05
hashcash hashcash 1.10
hashcash hashcash 1.03
hashcash hashcash 1.02
hashcash hashcash 1.04
hashcash hashcash 1.06
hashcash hashcash 1.11
hashcash hashcash 1.14
hashcash hashcash 1.08
hashcash hashcash 1.16
hashcash hashcash 1.00
hashcash hashcash 1.13
hashcash hashcash 1.19
hashcash hashcash *
hashcash hashcash 1.09
CVE-2006-3750 MEDIUM

PHP remote file inclusion vulnerability in server.php in the Hashcash Component (com_hashcash) 1.2.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
hashcash hashcash 1.2.1