CyberSec.Space Logo
Back to CVE Browser

CVE-2014-4168

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile22.51th
PublishedJul 3, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.

Affected Platforms (CPE)

πŸ“¦
Kryo

Iodine

<= 0.6.0
πŸ“¦
Kryo

Iodine

= 0.3.0
πŸ“¦
Kryo

Iodine

= 0.3.1
πŸ“¦
Kryo

Iodine

= 0.3.2
πŸ“¦
Kryo

Iodine

= 0.3.3
πŸ“¦
Kryo

Iodine

= 0.3.4
πŸ“¦
Kryo

Iodine

= 0.4.0
πŸ“¦
Kryo

Iodine

= 0.4.1
πŸ“¦
Kryo

Iodine

= 0.4.2
πŸ“¦
Kryo

Iodine

= 0.5.0
πŸ“¦
Kryo

Iodine

= 0.5.1
πŸ“¦
Kryo

Iodine

= 0.5.2

References & Advisories

πŸ”— http://secunia.com/advisories/59417
πŸ”— http://www.debian.org/security/2014/dsa-2964
πŸ”— http://www.openwall.com/lists/oss-security/2014/06/16/5
πŸ”— http://www.openwall.com/lists/oss-security/2014/06/18/1
πŸ”— https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751834
πŸ”— https://github.com/yarrick/iodine/blob/b715be5cf3978fbe589b03b09c9398d0d791f850/CHANGELOG
πŸ”— http://secunia.com/advisories/59417
πŸ”— http://www.debian.org/security/2014/dsa-2964

Related Vulnerabilities

CVE-2006-483110.0

Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "pote...

CVE-2006-57817.5

Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a craf...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052610.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...