CVE-2021-21382 Unsafe loopback forwarding interface in Restund

Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship...

Debian DLA-1671-1 : coturn security update

Multiple vulnerabilities were discovered in coTURN, a TURN and STUN server for VoIP. CVE-2018-4056 A SQL injection vulnerability was discovered in the coTURN administrator web portal. As the administration web interface is shared with the production, it is unfortunately not possible to easily...

[SECURITY] [DLA 1671-1] coturn security update

Package : coturn Version : 4.2.1.2-1+deb8u1 CVE ID : CVE-2018-4056 CVE-2018-4058 CVE-2018-4059 Multiple vulnerabilities were discovered in coTURN, a TURN and STUN server for VoIP. CVE-2018-4056 An SQL injection vulnerability was discovered in the coTURN administrator web portal. As the...

Debian: Security Advisory (DLA-1671-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

coturn <= 4.5.0.8 Multiple Vulnerabilities

coturn is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:coturn:coturn"; if description...

Vulnerability Spotlight: Multiple vulnerabilities in coTURN

Nicolas Edet of Cisco discovered these vulnerabilities. Executive summary Today, Cisco Talos is disclosing three vulnerabilities in coTURN. coTURN is an open-source implementation of TURN and STUN servers that can be used as a general-purpose networking traffic TURN server. TURN servers are usual...

Debian DSA-4373-1 : coturn - security update

Multiple vulnerabilities were discovered in coTURN, a TURN and STUN server for VoIP. - CVE-2018-4056 A SQL injection vulnerability was discovered in the coTURN administrator web portal. As the administration web interface is shared with the production, it is unfortunately not possible to easily...

[SECURITY] [DSA 4373-1] coturn security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4373-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez January 28, 2019 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-4373-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

coTURN TURN server unsafe loopback forwarding default configuration vulnerability

Summary An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services running o...