3 matches found
Debian DLA-2271-1 : coturn security update
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client an attacker could use their connection to intelligently query coturn to get interesting bytes in the...
CoTURN Information Disclosure Vulnerability
CoTURN is an open source implementation of TURN VoIP Media Services NAT Traversal Server and Gateway and STUN Simple Traversal Network Address Translator for User Datagram Protocol Server. A security vulnerability exists in CoTURN versions prior to 4.5.1.3 that stems from the program failing to...
CVE-2020-4067 Improper Initialization in coturn
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client an attacker could use their connection to intelligently query coturn to get interesting bytes in the...