FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

iodined -- authentication bypass

Affected packages
iodine < 0.7.0

Details

VuXML ID 0981958a-f733-11e3-8276-071f1604ef8a
Discovery 2014-06-16
Entry 2014-06-18

Erik Ekman of the iodine project reports:

The client could bypass the password check by continuing after getting error from the server and guessing the network parameters. The server would still accept the rest of the setup and also network traffic.

[source]

References

URL https://github.com/yarrick/iodine/commit/b715be5cf3978fbe589b03b09c9398d0d791f850

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.