25 July 2007, 11:37

DoS vulnerability in Teamspeak server

A vulnerability in the TeamspeakVoIP software package might be exploited by attackers to knock out the server. On the Milw0rm exploit portal, a demo has been released to demonstrate the hole. Specific HTTP requests containing excess length user names and passwords cause a very high CPU load on the inbuilt web server. As a consequence, the server is either slowed down considerably or ceases to respond. Authentication is not required to execute such attack.

The flaw has been detected in version 2.0.x for Windows, and it is probable that prior versions are also vulnerable. An updated server that is free of the bug is now available to download, but restricting access to TCP port 14534 over which the web admin interface communicates can also serve as an interim workaround.

Also on The H:

Share this article

DoS vulnerability in Teamspeak server

Also on The H:

Microsoft's struggle against bugs

CSI:Internet - Open heart surgery

CSI:Internet - A trip into RAM

The H Update Check

Internet Toolkit

Monopoly madness

What's new in Linux 3.4

A Practical Internet of Things

Booting up: Tools and tips for systemd

Kernel Log: Coming in 3.4 (Part 3) - Graphics drivers

Control Centre: The systemd Linux init system

Kernel Log: Coming in 3.4 (Part 2) - Filesystems, storage and drivers

Kernel Log: Coming in 3.4 (Part 1) - Infrastructure

What's new in Linux 3.3

Building a GSM network with open source

CSI:Internet - Controlled from the beyond

Price Insight Top 10 powered by Skinflint

The H

The H open source

The H Security

The H Internet Toolkit