Updated iodine packages fix CVE-2014-4168
Publication date: 27 Jun 2014Modification date: 27 Jun 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-4168
Description
Updated iodine packages fix security vulnerability: Oscar Reparaz discovered an authentication bypass vulnerability in iodine, a tool for tunneling IPv4 data through a DNS server. A remote attacker could provoke a server to accept the rest of the setup or also network traffic by exploiting this flaw (CVE-2014-4168).
References
SRPMS
3/core
- iodine-0.6.0-0.rc1.3.mga3
4/core
- iodine-0.6.0-0.rc1.4.mga4