Vulnerability in TeamSpeak 2 server
A hole in the TeamSpeak server 2.x for Windows and Linux makes it possible to retrieve arbitrary files from the server and exploit the retrieved information for further attacks. If, for example, server administration is handled via PLESK management software, it would be possible to retrieve the password to gain administrative access to the system.
All versions of the teleconferencing software up to and including 220.127.116.11 are affected, but the bug has been fixed in the beta version 18.104.22.168 for Windows and Linux. However, the officially stable version of TeamSpeak stopped at 22.214.171.124. For security reasons, users should switch to the beta version or restrict access to TCP port 51234. This should be done as soon as possible since the vulnerability is very easily exploited. Heise Security has already received a non-public exploit.
Heise Security has also received information from a TeamSpeak hoster who wishes to remain anonymous. According to this source, TeamSpeak 2 authorised hosters were not informed about the problem by the manufacturer. Hosters also only found out about the DoS hole reported last week through independent sources. We are told that insider circles are increasingly annoyed about the way this has been handled but dare not voice their criticism since TeamSpeak 3 is due to be released in the near future, and only selected hosters will get permission to offer it.
- [TS2] Windows/Linux Server Binary BETA 126.96.36.199 *HOTFIX*, message on planetteamspeak