漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Improper Initialization in coturn
Vulnerability Description
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Vulnerability Type
初始化不恰当
Vulnerability Title
CoTURN 安全漏洞
Vulnerability Description
CoTURN是一款TURN(VoIP媒体业务NAT穿越服务器和网关)和STUN(用户数据报协议简单穿越网络地址转换器)Server的开源实现。 CoTURN 4.5.1.3之前版本中存在安全漏洞,该漏洞源于程序没有正确初始化STUN/TURN响应缓冲区。攻击者可利用该漏洞获取信息。
CVSS Information
N/A
Vulnerability Type
N/A