CVE-2007-4529
published 2007-08-25CVE-2007-4529: The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges…
PriorityP338high8.5CVSS 2.0
AVNACMAuSCCICAC
EPSS
2.01%
78.5th percentile
The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1) AdminAddServer, (2) AdminDeleteServer, (3) AdminStartServer, and (4) AdminStopServer privileges; and administration of arbitrary virtual servers via a request to a .tscmd URI with a modified serverid parameter, as demonstrated by (a) add_server.tscmd, (b) ask_delete_server.tscmd, (c) start_server.tscmd, and (d) stop_server.tscmd.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| teamspeak | web_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
HP StorageWorks - NSI Double Take Remote Overflow (Metasploit)
exploitdb·2008-06-04
CVE-2008-1661 HP StorageWorks - NSI Double Take Remote Overflow (Metasploit)
HP StorageWorks - NSI Double Take Remote Overflow (Metasploit)
---
##
# $Id: doubletake.rb 4529 2007-03-23 01:08:18Z $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/projects/Framework/
##
require 'msf/core'
module Msf
class Exploits::Windows::Misc::Doubletake 'doubletake Overflow',
'Description' => %q{
This Module Exploits a stack overflow in the authentication mechanism of NSI Doubletake which is also rebranded
as hp storage works Vulnerability found by Titon of Bastard Labs.
},
'Author' => [ 'ri0t ' ],
'Version' => '$Revision: 9 $',
'References' =>
[
],
'DefaultOptions' =>
{
'EXITFUNC'
Exploit-DB
eIQnetworks ESA SEARCHREPORT - Remote Overflow (Metasploit)
exploitdb·2007-10-24
CVE-2007-5699 eIQnetworks ESA SEARCHREPORT - Remote Overflow (Metasploit)
eIQnetworks ESA SEARCHREPORT - Remote Overflow (Metasploit)
---
##
# $Id: eiqnetworks_esa.rb 4529 2007-03-12 01:08:18Z hdm $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/projects/Framework/
##
require 'msf/core'
module Msf
class Exploits::Windows::Misc::Eiqnetworks_SEARCHREPORT 'eIQNetworks ESA SEARCHREPORT Overflow',
'Description' => %q{
This module exploits a stack overflow in eIQnetworks
Enterprise Security Analyzer. During the processing of
long arguments to the SEARCHREPORT command, a stack-based
buffer overflow occurs.
},
'Author' => [ 'ri0t ', ],
'Version' => '$Revision: 4529 $',
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/fulldisclosure/2007-05/0165.htmlhttp://osvdb.org/36047http://secunia.com/advisories/25242http://securityvulns.com/Rdocument6.htmlhttp://www.securityfocus.com/archive/1/477424/100/0/threadedhttp://www.securityfocus.com/bid/23935https://exchange.xforce.ibmcloud.com/vulnerabilities/34254http://archives.neohapsis.com/archives/fulldisclosure/2007-05/0165.htmlhttp://osvdb.org/36047http://secunia.com/advisories/25242http://securityvulns.com/Rdocument6.htmlhttp://www.securityfocus.com/archive/1/477424/100/0/threadedhttp://www.securityfocus.com/bid/23935https://exchange.xforce.ibmcloud.com/vulnerabilities/34254
2007-08-25
Published