Lucene search

[email protected]CVE-2007-3956

HistoryJul 24, 2007 - 6:30 p.m.

CVE-2007-3956

2007-07-2418:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3956

teamspeak webserver

windows

denial of service

parameter length validation

tcp sessions

nvd

7.1 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.092 Low

EPSS

Percentile

94.6%

JSON

TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534.

CPENameOperatorVersion
teamspeak:web_serverteamspeak web servereq2.0

CPE	Name	Operator	Version
teamspeak:web_server	teamspeak web server	eq	2.0

References

osvdb.org/38595

secunia.com/advisories/26141

www.securityfocus.com/bid/24977

exchange.xforce.ibmcloud.com/vulnerabilities/35518

www.exploit-db.com/exploits/4205

7.1 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.092 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2007-3956

prion1 ubuntucve1