CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-4168

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile22.51th
Published2014年7月3日
Last Modified2026年5月6日

Vulnerability Description

(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.

Affected Platforms (CPE)

📦
Kryo

Iodine

<= 0.6.0
📦
Kryo

Iodine

= 0.3.0
📦
Kryo

Iodine

= 0.3.1
📦
Kryo

Iodine

= 0.3.2
📦
Kryo

Iodine

= 0.3.3
📦
Kryo

Iodine

= 0.3.4
📦
Kryo

Iodine

= 0.4.0
📦
Kryo

Iodine

= 0.4.1
📦
Kryo

Iodine

= 0.4.2
📦
Kryo

Iodine

= 0.5.0
📦
Kryo

Iodine

= 0.5.1
📦
Kryo

Iodine

= 0.5.2

References & Advisories

🔗 http://secunia.com/advisories/59417
🔗 http://www.debian.org/security/2014/dsa-2964
🔗 http://www.openwall.com/lists/oss-security/2014/06/16/5
🔗 http://www.openwall.com/lists/oss-security/2014/06/18/1
🔗 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751834
🔗 https://github.com/yarrick/iodine/blob/b715be5cf3978fbe589b03b09c9398d0d791f850/CHANGELOG
🔗 http://secunia.com/advisories/59417
🔗 http://www.debian.org/security/2014/dsa-2964

相关漏洞威胁

CVE-2006-483110.0

Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "pote...

CVE-2006-57817.5

Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a craf...

CVE-2014-052810.0

Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attac...

CVE-2014-052510.0

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unm...