Showing 1 - 3 of 3

CVE-2020-26262

Status Candidate

Overview

Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.x.x.x`. However, it was observed that when sending a `CONNECT` request with the `XOR-PEER-ADDRESS` value of `0.0.0.0`, a successful response was received and subsequently, `CONNECTIONBIND` also received a successful response. Coturn then is able to relay packets to the loopback interface. Additionally, when coturn is listening on IPv6, which is default, the loopback interface can also be reached by making use of either `[::1]` or `[::]` as the peer address. By using the address `0.0.0.0` as the peer address, a malicious user will be able to relay packets to the loopback interface, unless `--denied-peer-ip=0.0.0.0` (or similar) has been specified. Since the default configuration implies that loopback peers are not allowed, coturn administrators may choose to not set the `denied-peer-ip` setting. The issue patched in version 4.5.2. As a workaround the addresses in the address block `0.0.0.0/8`, `[::1]` and `[::]` should be denied by default unless `--allow-loopback-peers` has been specified.

Related Files

Debian Security Advisory 4829-1: Posted Jan 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4829-1 - A flaw was discovered in coturn, a TURN and STUN server for VoIP. By default coturn does not allow peers on the loopback addresses (127.x.x.x and ::1). A remote attacker can bypass the protection via a specially crafted request using a peer address of '0.0.0.0' and trick coturn in relaying to the loopback interface. If listening on IPv6 the loopback interface can also be reached by using either [::1] or [::] as the address.; tags | advisory, remote; systems | linux, debian; advisories | CVE-2020-26262; SHA-256 | 0e50e94f21084349379aee27ae6a0c950c9d141059b68a995c92c65ef2de6f30; Download | Favorite | View

Ubuntu Security Notice USN-4690-1: Posted Jan 13, 2021; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4690-1 - It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2020-26262; SHA-256 | e5a6b608a261733f2ac478eebef781a73d720ced5c66448b8f123eac9fc56328; Download | Favorite | View

Coturn 4.5.1.x Access Control Bypass: Posted Jan 11, 2021; Authored by Sandro Gauci | Site enablesecurity.com; Coturn version 4.5.1.x suffers from a loopback access control bypass vulnerability.; tags | exploit, bypass; advisories | CVE-2020-26262; SHA-256 | 229c4e41914e88114f7a7cb31815c02ae2d943c82d215356fe5d583cf79c579d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 356 files
Ubuntu 76 files
Debian 31 files
Gentoo 25 files
tmrswrr 9 files
R0ckE7 5 files
Ph0s 5 files
Rahad Chowdhury 4 files
Google Security Research 3 files
Seth Jenkins 2 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,909)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,753)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,557)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,113)
UNIX (9,338)
UnixWare (187)
Windows (6,605)
Other

CVE-2020-26262

Overview

Related Files

File Archive:

November 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems