MidnightBSD

Advisories for ruletkaio

CVE-2018-17968 MEDIUM

A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a random value that is predictable by an external contract call. The developer wrote a random() function that uses a block timestamp and block hash from the Ethereum blockchain. This can be predicted by writing the same random function code in an exploit contract to determine the deadSeat value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-338,

Products Affected

Vendor Product Version
ruletkaio ruletkaio -