Privilege Escalation in TeamSpeak Server 2.0.20.1 by Unauthorized Users
CVE-2007-4529

Currently unrated

Key Information:

Vendor: Teamspeak
Status: Web Server
Vendor: CVE Published:; 25 August 2007

What is CVE-2007-4529?

The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign inappropriate privileges to Registered users. This leads to an extension of control beyond the ServerAdmin's designated servers, enabling potentially malicious actions such as adding, deleting, starting, or stopping other servers. Unauthorized management of arbitrary virtual servers can occur via modifications to the server ID in requests to specific .tscmd URIs, opening avenues for broader server administration misuse.

References

http://www.securityfocus.com/archive/1/477424/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/25242

third-party-advisoryx_refsource_SECUNIA

http://securityvulns.com/Rdocument6.html

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 25, 2007
Vulnerability Reserved
Aug 24, 2007

CVE-2007-4529 Data

JSON

Teamspeak

What is CVE-2007-4529?

References

Timeline