Summary
Detail | |||
---|---|---|---|
Vendor | Teamspeak | First view | 2007-07-24 |
Product | Web Server | Last view | 2007-08-24 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:teamspeak:web_server:2.0.20.1:*:*:*:*:*:*:* | 2 |
cpe:2.3:a:teamspeak:web_server:2.0:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.3 | 2007-08-24 | CVE-2007-4530 | Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Server 2.0.20.1 allow remote attackers to inject arbitrary web script or HTML via (1) the error_text parameter to error_box.html or (2) the ok_title parameter to ok_box.html. |
8.5 | 2007-08-24 | CVE-2007-4529 | The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1) AdminAddServer, (2) AdminDeleteServer, (3) AdminStartServer, and (4) AdminStopServer privileges; and administration of arbitrary virtual servers via a request to a .tscmd URI with a modified serverid parameter, as demonstrated by (a) add_server.tscmd, (b) ask_delete_server.tscmd, (c) start_server.tscmd, and (d) stop_server.tscmd. |
7.8 | 2007-07-24 | CVE-2007-3956 | TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534. |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
38596 | TeamSpeak WebServer TCP Query Interface Arbitrary File Access |
38595 | TeamSpeak WebServer login.tscmd Crafted HTTP Post Request Resource Consumptio... |
36049 | TeamSpeak Server WebAdmin ok_box.html ok_title Parameter XSS |
36048 | TeamSpeak Server WebAdmin error_box.html error_text Parameter XSS |
36047 | TeamSpeak Server WebAdmin ServerAdmin Remote Privilege Escalation |