TeamSpeak Server WebAdmin Interface Privilege Escalation Vulnerability
BID:23935
Info
TeamSpeak Server WebAdmin Interface Privilege Escalation Vulnerability
| Bugtraq ID: | 23935 |
| Class: | Design Error |
| CVE: |
CVE-2007-4529 |
| Remote: | Yes |
| Local: | No |
| Published: | May 11 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | Gilberto Ficara is credited with the discovery of this issue. |
| Vulnerable: |
Teamspeak TeamSpeak Server 2.0.23 .17 |
| Not Vulnerable: | |
Discussion
TeamSpeak Server WebAdmin Interface Privilege Escalation Vulnerability
TeamSpeak Server is prone to a privilege-escalation vulnerability.
Attackers with 'ServerAdmin' access can leverage this issue to gain certain 'SuperAdmin' privileges.
A successful attack will allow an attacker to create, start, stop, and delete TeamSpeak servers.
TeamSpeak Server 2.0.20.1 is vulnerable; other versions may also be affected.
TeamSpeak Server is prone to a privilege-escalation vulnerability.
Attackers with 'ServerAdmin' access can leverage this issue to gain certain 'SuperAdmin' privileges.
A successful attack will allow an attacker to create, start, stop, and delete TeamSpeak servers.
TeamSpeak Server 2.0.20.1 is vulnerable; other versions may also be affected.
Exploit / POC
TeamSpeak Server WebAdmin Interface Privilege Escalation Vulnerability
Attackers with ServerAdmin privileges can exploit this issue via the WebAdmin interface.
Attackers with ServerAdmin privileges can exploit this issue via the WebAdmin interface.
Solution / Fix
TeamSpeak Server WebAdmin Interface Privilege Escalation Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
TeamSpeak Server WebAdmin Interface Privilege Escalation Vulnerability
References:
References:
- Vendor Homepage (TeamSpeak)