CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38698 – .eth registrar controller can shorten the duration of registered names
https://notcve.org/view.php?id=CVE-2023-38698
Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or reduce the expiration time of existing domains. However, a preliminary analysis suggests that an attacker-controlled controller may be able to reduce the expiration time of existing domains due to an integer overflow in the renew function. The vulnerability resides `@ensdomains/ens-contracts` prior to version 0.0.22. If successfully exploited, this vulnerability would enable attackers to force the expiration of any ENS record, ultimately allowing them to claim the affected domains for themselves. Currently, it would require a malicious DAO to exploit it. • https://github.com/ensdomains/ens-contracts/blob/master/contracts/ethregistrar/BaseRegistrarImplementation.sol#L171 https://github.com/ensdomains/ens-contracts/commit/e6b136e979084de3761c125142620304173990ca https://github.com/ensdomains/ens-contracts/security/advisories/GHSA-rrxv-q8m4-wch3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5232 – Ethereum Name Service - Malicious takeover of previously owned ENS names
https://notcve.org/view.php?id=CVE-2020-5232
A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry. Un usuario que posee un dominio ENS puede establecer una trapdoor, permitiéndole transferir la propiedad a otro usuario y luego recuperar la propiedad sin el consentimiento o conocimiento de los nuevos propietarios. Se está poniendo en funcionamiento una nueva implementación de ENS que corrige esta vulnerabilidad en el registro de ENS. • https://github.com/ensdomains/ens/commit/36e10e71fcddcade88646821e0a57cc6c19e1ecf https://github.com/ensdomains/ens/security/advisories/GHSA-8f9f-pc5v-9r5h • CWE-285: Improper Authorization •