Debian Security Update DSA-4829 coturn - security update

Thread starter LinuxBot
Start date Jan 11, 2021

LinuxBot

Member

Jan 11, 2021

A flaw was discovered in coturn, a TURN and STUN server for VoIP. By default coturn does not allow peers on the loopback addresses (127.x.x.x and ::1). A remote attacker can bypass the protection via a specially crafted request using a peer address of 0.0.0.0 and trick coturn in relaying to the loopback interface. If listening on IPv6 the loopback interface can also be reached by using either [::1] or [::] as the address.

Continue reading...

You must log in or register to reply here.

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Members online

Total: 1,020 (members: 9, guests: 1,011)

Latest posts

Installed Xubuntu 22.04, some observations/questions
- Latest: f33dm3bits
- 18 minutes ago
Ubuntu forum
How to add pkgs.org and other mirrors in centOS 8?
- Latest: f33dm3bits
- Today at 8:55 AM
General Linux Questions
All in Ones - Brother and Canon
- Latest: wizardfromoz
- Today at 7:51 AM
Getting Started
Can't detect my nvme SSD on Linux mint edge boot usb
- Latest: wizardfromoz
- Today at 7:41 AM
Getting Started
Solved getent passwd or group alone does not list all AD entries when sssd in use
- Latest: wizardfromoz
- Today at 7:32 AM
General Linux Questions

Top