Vulnerability: Unencrypted Private Key Extraction in wxBitcoin and bitcoind
CVE-2011-4447 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and reading entries that are marked for deletion.
Learn more about our Web Application Penetration Testing UK.