Michael Imfeld

**Name of the Vulnerable Software and Affected Versions** TeamSpeak 3 Server versions prior to 3.13.8 **Description** An issue exists in the clientek Handshake Handler component due to improper processing. A remote attacker can trigger a reachable assertion by manipulating the `proof` argument. **Recommendations** Update to version 3.13.8.

**Name of the Vulnerable Software and Affected Versions** TeamSpeak 3 Server versions prior to 3.13.8 **Description** A heap-based buffer overflow exists in the ECC Key Parser component. This issue allows a remote attacker to cause a memory corruption by manipulating the parser, which handles Elliptic Curve Cryptography (ECC) keys used for secure communication. **Recommendations** Update to version 3.13.8.

**Name of the Vulnerable Software and Affected Versions** TeamSpeak 3 Server versions prior to 3.13.8 **Description** A use after free issue exists in the Connection State Management component. The flaw occurs when the server receives two clientinit packets in rapid succession on UDP port 9987. While one packet completes the handshake, the other triggers an error path that deletes only the endpoint map entry. Subsequently, the `process resend queue()` function resolves a client ID of 0 and frees the `ResendingPacket` structure, but the address remains stored in the ACK slot of a successful client. When a corresponding ACK arrives, the `process received ack()` function attempts to access the freed structure and invoke a virtual method, potentially leading to a remote denial of service. **Recommendations** Update to version 3.13.8.

**Name of the Vulnerable Software and Affected Versions** Udisks versions prior to the fix included in SlackwareLinux security advisory. **Description** A flaw exists in the Udisks daemon that allows unprivileged users to create loop devices via the D-BUS system. This is due to insufficient validation of the `index` parameter within the loop device handler, specifically a missing lower bound check. An attacker can exploit this by providing a negative value for the `index` parameter, potentially causing a crash of the daemon process or gaining access to internal file descriptors, which could lead to local privilege escalation. **Recommendations** Apply the security fix included in the latest SlackwareLinux security advisory for udisks2.

Name of the Vulnerable Software and Affected Versions: INSTAR 2K+ and 4K version 3.11.1 Build 1124 Description: A buffer overflow issue exists in the `fcgi server` component due to the manipulation of the `Authorization` argument within the `base64 decode` function. This allows for remote exploitation of the issue. Recommendations: INSTAR 2K+ and 4K version 3.11.1 Build 1124: As a temporary workaround, consider restricting access to the `fcgi server` component to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: INSTAR 2K+ and 4K version 3.11.1 Build 1124 Description: A vulnerability exists in the Backend IPC Server component that can lead to a denial of service. The attack can be initiated remotely. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: INSTAR 2K+ and 4K version 3.11.1 Build 1124 Description: A vulnerability exists in the UART Interface component of the software, leading to improper physical access control. This allows for potential attacks directly on the physical device. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MailCleaner versions up to 2023.03.14 **Description** A critical issue has been found in the Admin Endpoints component of MailCleaner, affecting an unknown functionality. This issue leads to os command injection, allowing remote attacks. The exploit for this issue has been disclosed publicly. **Recommendations** For MailCleaner versions up to 2023.03.14, apply a patch to fix this issue. As a temporary workaround, consider restricting access to the Admin Endpoints component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MailCleaner versions up to 2023.03.14 **Description** A problematic vulnerability was found in the Admin Interface component of MailCleaner, affecting an unknown function. The manipulation of Mail Message leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** To fix this issue, it is recommended to apply a patch for MailCleaner versions up to 2023.03.14. As a temporary workaround, consider restricting access to the Admin Interface until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MailCleaner versions up to 2023.03.14 **Description** A critical issue affects an unknown part of the component Admin Endpoints, leading to path traversal. The manipulation can be initiated remotely. The issue has been disclosed publicly and may be exploited. **Recommendations** Apply a patch to fix this issue for versions up to 2023.03.14. As a temporary workaround, consider restricting access to the Admin Endpoints until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MailCleaner versions up to 2023.03.14 **Description** A vulnerability was found in the Log File Endpoint component, which can be exploited to lead to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For MailCleaner versions up to 2023.03.14, it is recommended to apply a patch to fix this issue. As a temporary workaround, consider restricting access to the Log File Endpoint component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MailCleaner versions up to 2023.03.14 **Description** A critical issue has been found in MailCleaner, affecting the SOAP Service component. The vulnerability leads to os command injection, which can be exploited with local access. The affected function includes getStats, Services silentDump, Services stopStartMTA, Config saveDateTime, Config hostid, Logs StartGetStat, and dumpConfiguration. An exploit for this issue has been disclosed publicly. **Recommendations** For MailCleaner versions up to 2023.03.14, apply a patch to fix this issue. As a temporary workaround, consider restricting access to the SOAP Service component until a patch is available. Avoid using the affected functions, such as getStats, until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** MailCleaner versions up to 2023.03.14 **Description** A critical issue has been found in the Email Handler component of MailCleaner, leading to os command injection. The manipulation can be initiated remotely. The issue affects some unknown processing of the component, and the exploit has been disclosed to the public. **Recommendations** To fix this issue, apply a patch to MailCleaner versions up to 2023.03.14. As a temporary workaround, consider restricting access to the Email Handler component until a patch is available.