[Bitcoin-development] Full Disclosure: CVE-2012-2459 (block merkle calculation exploit)

Mike Hearn mike at plan99.net
Wed Aug 22 08:10:29 UTC 2012


Thank you for practicing responsible disclosure.

Now the vulnerability is out in the open, could the code please be updated
to contain the information here, but in the comments? Gavins commit merely
mentions there is a DoS attack without discussing further what it involves,
also, the vulnerability of the merkle hash function should ideally be noted
inside it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20120822/78ba1b08/attachment.html>


More information about the bitcoin-dev mailing list