TeamSpeak Client 2.x < 2.0.33.7 Buffer Overflow

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is susceptible to
buffer overflow.

Description :

According to its version, the instance of TeamSpeak 2.x Client, a VoIP
software collaboration application, installed on the remote host is
affected by a buffer overflow vulnerability.

An attacker can corrupt memory on such clients via a specially crafted
voice transmission packet sent via a TeamSpeak server. This corrupted
memory is later used during the teardown process and can lead to
execution of arbitrary code.

See also :

http://www.nsense.fi/advisories/nsense_2010_002.txt
http://www.cert.fi/en/reports/2010/vulnerability404670.html

Solution :

Upgrade to version 2.0.33.7 or later as that reportedly addresses the
issue.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.0
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 50603 ()

Bugtraq ID: 44502

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now