CVE-2014-4168
(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0104 (1.0%)
Percentil: 77.5%
EPSS: 2026-05-06
Afecta
kryo:iodineDescripción técnica
(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.
Publicada: 3/7/2014, 17:55:06
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://secunia.com/advisories/59417
- http://www.debian.org/security/2014/dsa-2964
- http://www.openwall.com/lists/oss-security/2014/06/16/5
- http://www.openwall.com/lists/oss-security/2014/06/18/1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751834
- https://github.com/yarrick/iodine/blob/b715be5cf3978fbe589b03b09c9398d0d791f850/CHANGELOG
- http://secunia.com/advisories/59417
- http://www.debian.org/security/2014/dsa-2964