CVE-2007-4529

Name of the Vulnerable Software and Affected Versions TeamSpeak Server version 2.0.20.1

Description The issue allows remote authenticated users with the ServerAdmin flag to assign privileges beyond their own servers. This can be achieved through the WebAdmin interface by exploiting certain privileges, such as AdminAddServer, AdminDeleteServer, AdminStartServer, and AdminStopServer. Additionally, administration of arbitrary virtual servers is possible via a request to a ".tscmd" URI with a modified serverid parameter, as seen in commands like add server.tscmd, ask delete server.tscmd, start server.tscmd, and stop server.tscmd.

Recommendations For TeamSpeak Server version 2.0.20.1, consider restricting access to the WebAdmin interface and limiting the privileges assigned to users with the ServerAdmin flag until a patch is available. As a temporary workaround, consider disabling the AdminAddServer, AdminDeleteServer, AdminStartServer, and AdminStopServer privileges to prevent exploitation. Restrict access to ".tscmd" URIs and limit modifications to the serverid parameter to minimize the risk of arbitrary virtual server administration.