Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2018-4058HistoryMar 21, 2019 - 4:00 p.m.
CVE-2018-4058
2019-03-2116:00:00
Debian Security Bug Tracker
security-tracker.debian.org
9
0.001 Low
EPSS
Percentile
22.0%
An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services running on that host, which can lead to further attacks. An attacker can set up a relay with a loopback address as the peer on an affected TURN server to trigger this vulnerability.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | coturn | < 4.5.1.0-1 | coturn_4.5.1.0-1_all.deb |
| Debian | 11 | all | coturn | < 4.5.1.0-1 | coturn_4.5.1.0-1_all.deb |
| Debian | 10 | all | coturn | < 4.5.1.0-1 | coturn_4.5.1.0-1_all.deb |
| Debian | 999 | all | coturn | < 4.5.1.0-1 | coturn_4.5.1.0-1_all.deb |
| Debian | 13 | all | coturn | < 4.5.1.0-1 | coturn_4.5.1.0-1_all.deb |
Related
talos
talos
prion
prion
Default configuration
2019-03-21 16:00:00
cve
cve
CVE-2018-4058
2019-03-21 16:00:00
ubuntucve
ubuntucve
CVE-2018-4058
2019-03-21 00:00:00
cvelist
cvelist
CVE-2018-4058
2019-03-21 14:15:36
debian
debian
[SECURITY] [DLA 1671-1] coturn security update
2019-02-11 10:27:38
[SECURITY] [DSA 4373-1] coturn security update
2019-01-28 07:37:50
osv
osv
coturn - security update
2019-01-28 00:00:00
coturn - security update
2019-02-11 00:00:00
nessus
nessus
FreeBSD : turnserver -- multiple vulnerabilities (181beef6-2482-11e9-b4a3-00155d006b02)
2019-01-31 00:00:00
Debian DLA-1671-1 : coturn security update
2019-02-12 00:00:00
Debian DSA-4373-1 : coturn - security update
2019-01-29 00:00:00
openvas
openvas
coturn <= 4.5.0.8 Multiple Vulnerabilities
2019-01-30 00:00:00
Debian: Security Advisory (DLA-1671-1)
2019-02-10 00:00:00
Debian: Security Advisory (DSA-4373-1)
2019-01-27 00:00:00
freebsd
freebsd
turnserver -- multiple vulnerabilities
2019-01-28 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Multiple vulnerabilities in coTURN
2019-01-29 07:37:00
hackerone
hackerone
8x8: Outdated Coturn is vulnerable to known vulnerabilities (High)
2020-04-08 14:48:06