Ethereum Client Parity Unveils Fix To Ethereum Node Vulnerability
Parity Technologies announced a fix to vulnerability in the implementation of its Ethereum node, which caused its nodes to go offline.
The problem was discovered on 3 February when Parity Tech received several reports that attackers could send a specially crafted RPC request to the Parity Ethereum nodes in public.
The bug had opened an attack vector so that nodes could be forced to go offline by potential attackers.
If not discovered, the attack could have threatened a substantial portion of the Ethereum blockchain.
It appears that the only nodes affected were those synchronized with public JSON-RPC services such as Infura, MyEtherWallet and MyCrypto.
Since then, the team has released a fix and encourages all operators of the Parity node to upgrade to the latest.
We were notified that a special RPC request can be sent to a public Parity Ethereum node (pre-2.29 or 2.3.2) & that node will crash. Updates that will fix this will be out in 1-2 hours. Watch @ParityTech for updates; stand by to update your node ASAP. https://t.co/OqIkB4Oj3y
— Parity Technologies (@ParityTech) February 3, 2019