Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-4829-1:79144
HistoryJan 11, 2021 - 1:57 p.m.

[SECURITY] [DSA 4829-1] coturn security update

2021-01-1113:57:27
lists.debian.org
7

0.002 Low

EPSS

Percentile

56.8%

JSON

Debian Security Advisory DSA-4829-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
January 11, 2021 https://www.debian.org/security/faq

Package : coturn
CVE ID : CVE-2020-26262

A flaw was discovered in coturn, a TURN and STUN server for VoIP. By
default coturn does not allow peers on the loopback addresses
(127.x.x.x and ::1). A remote attacker can bypass the protection via a
specially crafted request using a peer address of '0.0.0.0' and trick
coturn in relaying to the loopback interface. If listening on IPv6 the
loopback interface can also be reached by using either [::1] or [::] as
the address.

For the stable distribution (buster), this problem has been fixed in
version 4.5.1.1-1.1+deb10u2.

We recommend that you upgrade your coturn packages.

For the detailed security status of coturn please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/coturn

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian10armelcoturn-dbgsym< 4.5.1.1-1.1+deb10u2coturn-dbgsym_4.5.1.1-1.1+deb10u2_armel.deb
Debian10allcoturn< 4.5.1.1-1.1+deb10u2coturn_4.5.1.1-1.1+deb10u2_all.deb
Debian10amd64coturn< 4.5.1.1-1.1+deb10u2coturn_4.5.1.1-1.1+deb10u2_amd64.deb
Debian9amd64coturn< 4.5.0.5-1+deb9u3coturn_4.5.0.5-1+deb9u3_amd64.deb
Debian10ppc64elcoturn-dbgsym< 4.5.1.1-1.1+deb10u2coturn-dbgsym_4.5.1.1-1.1+deb10u2_ppc64el.deb
Debian9armhfcoturn< 4.5.0.5-1+deb9u3coturn_4.5.0.5-1+deb9u3_armhf.deb
Debian10s390xcoturn< 4.5.1.1-1.1+deb10u2coturn_4.5.1.1-1.1+deb10u2_s390x.deb
Debian9arm64coturn< 4.5.0.5-1+deb9u3coturn_4.5.0.5-1+deb9u3_arm64.deb
Debian10mips64elcoturn-dbgsym< 4.5.1.1-1.1+deb10u2coturn-dbgsym_4.5.1.1-1.1+deb10u2_mips64el.deb
Debian10arm64coturn-dbgsym< 4.5.1.1-1.1+deb10u2coturn-dbgsym_4.5.1.1-1.1+deb10u2_arm64.deb
Rows per page:
1-10 of 271

Related

fedora 2
nessus 5
openvas 7
redhatcve 1
veracode 1
osv 5
debian 2
archlinux 1
mageia 1
zdt 1
ubuntucve 1
alpinelinux 1
cvelist 1
prion 1
ubuntu 1
cve 1
debiancve 1
nvd 1
packetstorm 1
fedora
fedora
[SECURITY] Fedora 33 Update: coturn-4.5.2-1.fc33
2021-01-20 01:33:03
[SECURITY] Fedora 32 Update: coturn-4.5.2-1.fc32
2021-01-20 01:28:22
nessus
nessus
Fedora 32 : coturn (2021-32d0068851)
2021-01-20 00:00:00
Debian DSA-4829-1 : coturn - security update
2021-01-12 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : coTURN vulnerability (USN-4690-1)
2021-01-12 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2522-1)
2021-01-13 00:00:00
Fedora: Security Advisory for coturn (FEDORA-2021-32d0068851)
2021-01-20 00:00:00
Ubuntu: Security Advisory (USN-4690-1)
2021-01-13 00:00:00
redhatcve
redhatcve
CVE-2020-26262
2022-05-20 23:57:46
veracode
veracode
Authorization Bypass
2021-01-11 20:53:49
osv
osv
coturn vulnerability
2021-01-11 21:19:33
coturn - security update
2021-01-12 00:00:00
coturn - security update
2021-01-11 00:00:00
debian
debian
[SECURITY] [DSA 4829-1] coturn security update
2021-01-11 13:57:27
[SECURITY] [DLA 2522-1] coturn security update
2021-01-12 08:47:33
archlinux
archlinux
[ASA-202101-21] coturn: insufficient validation
2021-01-12 00:00:00
mageia
mageia
Updated coturn package fixes a security vulnerability
2021-02-19 13:27:54
zdt
zdt
Coturn 4.5.1.x Access Control Bypass Vulnerability
2021-01-11 00:00:00
ubuntucve
ubuntucve
CVE-2020-26262
2021-01-11 00:00:00
alpinelinux
alpinelinux
CVE-2020-26262
2021-01-13 19:15:16
cvelist
cvelist
CVE-2020-26262 Loopback bypass in Coturn
2021-01-13 18:15:17
prion
prion
Design/Logic Flaw
2021-01-13 19:15:00
ubuntu
ubuntu
coTURN vulnerability
2021-01-11 00:00:00
cve
cve
CVE-2020-26262
2021-01-13 19:15:16
debiancve
debiancve
CVE-2020-26262
2021-01-13 19:15:16
nvd
nvd
CVE-2020-26262
2021-01-13 19:15:16
packetstorm
packetstorm
Coturn 4.5.1.x Access Control Bypass
2021-01-11 00:00:00

0.002 Low

EPSS

Percentile

56.8%

JSON
Related for DEBIAN:DSA-4829-1:79144
fedora2nessus5openvas7redhatcve1veracode1osv5debian2archlinux1mageia1zdt1ubuntucve1alpinelinux1cvelist1prion1ubuntu1cve1debiancve1nvd1packetstorm1