Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 16 Jan 2009 06:36:43 GMT
From:      Mark Foster <mark@foster.cc>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/130608: vuxml submission for audio/teamspeak_server
Message-ID:  <200901160636.n0G6ahfl059896@www.freebsd.org>
Resent-Message-ID: <200901160640.n0G6e19A096238@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         130608
>Category:       ports
>Synopsis:       vuxml submission for audio/teamspeak_server
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 16 06:40:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Mark Foster
>Release:        7.1
>Organization:
Credentia
>Environment:
FreeBSD frau.foster.cc 7.1-RELEASE-p1 FreeBSD 7.1-RELEASE-p1 #4: Sat Jan 10 20:04:30 PST 2009     root@frau.foster.cc:/usr/obj/usr/src/sys/GENERIC  i386

>Description:

>How-To-Repeat:

>Fix:
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
   <vuln vid="400a149d-3b56-4fa3-8481-675156b9f1d8">
     <topic>teamspeak_server -- TeamSpeak help Command Directory Traversal Vulnerability</topic>
     <affects>
       <package>
         <name>teamspeak_server</name>
         <range><le>2.0.23.17</le></range>
       </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">;
         <p>SecurityFocus reports:</p>
         <blockquote cite="http://www.securityfocus.com/bid/33256">;
           <p>TeamSpeak is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks.

Versions of TeamSpeak up to and including 2.0.23.17 are vulnerable to this issue.</p>
         </blockquote>
       </body>
     </description>
     <references>
      <url>http://www.securityfocus.com/bid/33256</url>;
      <bid>33256</bid>
     </references>
     <dates>
       <discovery>2009-01-14</discovery>
       <entry>2009-01-15</entry>
     </dates>
   </vuln>



>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901160636.n0G6ahfl059896>