Resource icon

Hotfix for TeamSpeak vulnerabilities [till 3.0.13] 1.0.0

No permission to download
Overview History Discussion
N

NoXx

Member
Joined
Apr 24, 2016
Messages
33
Reaction score
29
Points
50
HerrAusragend said:
Somebody tested 3.0.13.2 ?
Click to expand...
Yes, looks stable to me, at least the vulnerabilities from the earlier versions seem fixed. I couldn't reproduce a crash on it.

BTW: On your HoB server you've got the .1 version which got removed due to a security vulnerability with the query client. I would recommend you to change it to .2 or block Query-Requests.
 
Last edited:
U

User_15801

We have scheduled the update to 01:00 tomorrow. Due to this we disabled ServerQuery
 
VJean

VJean

Active Member
Joined
Jan 28, 2016
Messages
16
Reaction score
0
Points
76
dedmen said:
Just so no one gets confused by that.. This is not a fix.. Its just a workaround.. We just have to change one line of code in our exploit to circumvent that
Click to expand...
it's rule block bad packet with string "TS3INIT1", to avoid conflicts with other packages from clients
 
dedmen

dedmen

TeamSpeak Developer
Contributor
Joined
Mar 28, 2016
Messages
530
Reaction score
584
Points
197
VJean said:
it's rule block bad packet with string "TS3INIT1", to avoid conflicts with other packages from clients
Click to expand...
But it doesnt fix the exploit.. We only have to change one line of code to circumvent your "fix". Which is already done in the dev versions of the exploit.
 
Mpsmith

Mpsmith

Member
Joined
Dec 21, 2015
Messages
51
Reaction score
17
Points
43
i hope this last update....

e6b9a7b59dc5431dbd0d7f38d096a6af.png
 
VJean

VJean

Active Member
Joined
Jan 28, 2016
Messages
16
Reaction score
0
Points
76
dedmen said:
But it doesnt fix the exploit.. We only have to change one line of code to circumvent your "fix". Which is already done in the dev versions of the exploit.
Click to expand...
I know about it. This rule will prevent errors like this:
Fls said:
i tested on my server working crash my server, but i added a line iptables, tools send length 315, i drop this packet on iptables and working for me
-A INPUT -p udp -m udp -j DROP --match length --length 300:350

It works, but sinusbot if I have occupied enters but it goes dropped

http://prntscr.com/c5ojgc

Help me please
Click to expand...
 
C

cuncuska

Active Member
Joined
Jan 30, 2016
Messages
108
Reaction score
11
Points
90
16-08-15 20:19:10.648335|INFO |VirtualServer |1 |listening on 0.0.0.0:9987, :::9987
2016-08-15 20:23:04.101332|INFO |PktHandler |1 |Cleaning up connection because of 13 resends of COMMAND packet
2016-08-15 20:23:04.101458|INFO |PktHandler |1 |Dropping client 14 because of resend timeout
2016-08-15 20:30:46.650961|INFO |PktHandler |1 |Cleaning up connection because of 10 resends of COMMAND packet
2016-08-15 20:30:46.651044|INFO |PktHandler |1 |Dropping client 35 because of resend timeout
2016-08-15 20:38:13.011009|INFO |PktHandler |1 |Cleaning up connection because of 10 resends of COMMAND packet
2016-08-15 20:38:13.011113|INFO |PktHandler |1 |Dropping client 57 because of resend timeout
2016-08-15 21:01:12.464732|INFO |PktHandler |1 |Cleaning up connection because of 3 resends of COMMAND packet
2016-08-15 21:01:12.464811|INFO |PktHandler |1 |Dropping client 71 because of resend timeout
2016-08-15 21:04:40.322834|INFO |PktHandler |1 |Dropping client 24 because of ping timeout 19 0 0
2016-08-15 21:28:50.964993|INFO |PktHandler |1 |Cleaning up connection because of 13 resends of COMMAND packet
2016-08-15 21:28:50.967232|INFO |PktHandler |1 |Dropping client 36 because of resend timeout
2016-08-15 21:33:23.059747|INFO |PktHandler |1 |Cleaning up connection because of 13 resends of COMMAND packet
2016-08-15 21:33:23.059893|INFO |PktHandler |1 |Dropping client 78 because of resend timeout
2016-08-15 21:37:29.016540|INFO |PktHandler |1 |Cleaning up connection because of 14 resends of COMMAND packet
2016-08-15 21:37:29.016630|INFO |PktHandler |1 |Dropping client 56 because of resend timeout
2016-08-15 21:38:33.368211|INFO |PktHandler |1 |Cleaning up connection because of 10 resends of COMMAND packet
2016-08-15 21:38:33.368342|INFO |PktHandler |1 |Dropping client 83 because of resend timeout
2016-08-15 21:47:01.771467|INFO |PktHandler |1 |Cleaning up connection because of 11 resends of COMMAND packet
2016-08-15 21:47:01.771575|INFO |PktHandler |1 |Dropping client 13 because of resend timeout
2016-08-15 22:19:11.639491|INFO |PktHandler |1 |Cleaning up connection because of 8 resends of COMMAND packet
2016-08-15 22:19:11.639576|INFO |PktHandler |1 |Dropping client 53 because of resend timeout
2016-08-15 22:30:12.606190|INFO |PktHandler |what problem
 
M

markusmarkusz

Active Member
Joined
Apr 20, 2016
Messages
4
Reaction score
0
Points
73
cuncuska said:
16-08-15 20:19:10.648335|INFO |VirtualServer |1 |listening on 0.0.0.0:9987, :::9987
2016-08-15 20:23:04.101332|INFO |PktHandler |1 |Cleaning up connection because of 13 resends of COMMAND packet
2016-08-15 20:23:04.101458|INFO |PktHandler |1 |Dropping client 14 because of resend timeout
2016-08-15 20:30:46.650961|INFO |PktHandler |1 |Cleaning up connection because of 10 resends of COMMAND packet
2016-08-15 20:30:46.651044|INFO |PktHandler |1 |Dropping client 35 because of resend timeout
2016-08-15 20:38:13.011009|INFO |PktHandler |1 |Cleaning up connection because of 10 resends of COMMAND packet
2016-08-15 20:38:13.011113|INFO |PktHandler |1 |Dropping client 57 because of resend timeout
2016-08-15 21:01:12.464732|INFO |PktHandler |1 |Cleaning up connection because of 3 resends of COMMAND packet
2016-08-15 21:01:12.464811|INFO |PktHandler |1 |Dropping client 71 because of resend timeout
2016-08-15 21:04:40.322834|INFO |PktHandler |1 |Dropping client 24 because of ping timeout 19 0 0
2016-08-15 21:28:50.964993|INFO |PktHandler |1 |Cleaning up connection because of 13 resends of COMMAND packet
2016-08-15 21:28:50.967232|INFO |PktHandler |1 |Dropping client 36 because of resend timeout
2016-08-15 21:33:23.059747|INFO |PktHandler |1 |Cleaning up connection because of 13 resends of COMMAND packet
2016-08-15 21:33:23.059893|INFO |PktHandler |1 |Dropping client 78 because of resend timeout
2016-08-15 21:37:29.016540|INFO |PktHandler |1 |Cleaning up connection because of 14 resends of COMMAND packet
2016-08-15 21:37:29.016630|INFO |PktHandler |1 |Dropping client 56 because of resend timeout
2016-08-15 21:38:33.368211|INFO |PktHandler |1 |Cleaning up connection because of 10 resends of COMMAND packet
2016-08-15 21:38:33.368342|INFO |PktHandler |1 |Dropping client 83 because of resend timeout
2016-08-15 21:47:01.771467|INFO |PktHandler |1 |Cleaning up connection because of 11 resends of COMMAND packet
2016-08-15 21:47:01.771575|INFO |PktHandler |1 |Dropping client 13 because of resend timeout
2016-08-15 22:19:11.639491|INFO |PktHandler |1 |Cleaning up connection because of 8 resends of COMMAND packet
2016-08-15 22:19:11.639576|INFO |PktHandler |1 |Dropping client 53 because of resend timeout
2016-08-15 22:30:12.606190|INFO |PktHandler |what problem
Click to expand...
Wrong topic.
And this messafes are meaning that users are timing out.
 
Energeek

Energeek

Your best friend
Joined
Aug 17, 2015
Messages
6
Reaction score
9
Points
38
freets3.ovh said:
i tested on my server working crash my server, but i added a line iptables, tools send length 315, i drop this packet on iptables and working for me
-A INPUT -p udp -m udp -j DROP --match length --length 300:350
Click to expand...

I don't recommend this ; Client can crash when sending certain text messages (timeout after 10 seconds, only voice is transmitted before reconnection).
 
F

freets3.ovh

Active Member
Joined
Sep 19, 2015
Messages
150
Reaction score
105
Points
85
Energeek said:
I don't recommend this ; Client can crash when sending certain text messages (timeout after 10 seconds, only voice is transmitted before reconnection).
Click to expand...
I have 35K clients connected on this and no problem on my 3 roots
 
R

Ramses

Active Member
Joined
Sep 11, 2016
Messages
33
Reaction score
2
Points
80
ut it doesnt fix the exploit.. We only have to change one line of code to circumvent your "fix". Which is already done in the dev versions of the exploit. You can upload fix file?
 
You must log in or register to reply here.
Top