  1. #31
    Join Date
    October 2015
    Posts
    1
    Quote Originally Posted by ScP View Post
    If you don't want to (or can't) increase the minimum client version on your server, you can prevent users from exploiting this vulnerability by revoking the permissions to create channels with descriptions on your server.
    Can you please explain the exact permissions and/or how we revoke these?

  2. #32
    Join Date
    January 2010
    Location
    Phoenix, AZ
    Posts
    99
    Hey SCP,

    Does this also work through the queryclient?

    Reason I ask, two days ago a friend's server was scanned by a queryclient named [scan][email protected][647]

    It connected and sent a test PM to me. In researching who did this I found a YouTube video about creating channels from a web page. It all looks suspicious to me.

    Please check out the video and this vk web page (kinda like Facebook but Russian). On the vk page I stumbled upon images of hundreds of TeamSpeak servers being scanned and checking to see if the queryclient can accept a PM, can create a channel and can accept a poke.
    https://www.youtube.com/watch?v=PpHNj-dlCq8

    https://vk.com/fyfywka_dev

    If you can't find the images of the scan, I can email them to you.


    Thanks
    Bob
    Last edited by sgtrwe; October 11th, 2015 at 05:16 AM.

  3. #33
    Join Date
    August 2014
    Posts
    21
    Quote Originally Posted by sgtrwe View Post
    Hey SCP,

    Does this also work through the queryclient?

    Reason I ask, two days ago a friend's server was scanned by a queryclient named [scan][email protected][647]

    It connected and sent a test PM to me. In researching who did this I found a YouTube video about creating channels from a web page. It all looks suspicious to me.

    Please check out the video and this vk web page (kinda like Facebook but Russian). On the vk page I stumbled upon images of hundreds of TeamSpeak servers being scanned and checking to see if the queryclient can accept a PM, can create a channel and can accept a poke.
    https://www.youtube.com/watch?v=PpHNj-dlCq8

    https://vk.com/fyfywka_dev

    If you can't find the images of the scan, I can email them to you.


    Thanks
    Bob
    As PMs are no attack vector this is most likely just a regular spam bot. It would have had to create a temporary test channel with a description or retrieve the permissions list to actually check if your server could be abused as a virus distributor.
    Last edited by phvcky; October 11th, 2015 at 09:36 AM.

  4. #34
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    Good morning! First, I'd like to give you guys a quick status update...

    An updated Android client is available on Google Play now. However the iOS update will take longer to complete and has to go through Apple's approval process, so we might not be able to publish our new iOS client before the end of the week.

    We still strongly recommend updating the minimum version requirement in your servers in order to force your users to upgrade their clients and ensure their security, but you might experience an increase in support inquiries from mobile users (primarily iOS users) in the next few days.

    As already stated in my initial posting, the alternative to increasing the minimum version number for now is revoking the permissions to set channel descriptions for non-admins.

    Now let's see if I can give answers to your questions from the last hours...

    Quote Originally Posted by iStinger View Post
    Thanks for the updates. Just a concern, the pop up box that comes up when connecting to a server with the min client version check looks like a virus. Any chance that pop up could be changed in the next version?
    I agree that that dialog is not pretty, but it gets the job done. Do you have a suggestion on how to make it look better? I'd forward your input to the devs then.

    Quote Originally Posted by JustinK View Post
    Using:
    UPDATE server_properties SET value = '1444491275' WHERE ident = 'virtualserver_min_client_version';
    Updates current virtual servers, but for virtual servers created after running this, will they automatically have this value as well, or does something else need to be done for that and if so what?
    Yes. This SQL query will also update the default settings for virtual servers (ID 0). In addition, upcoming server versions will automatically increase the minimum client version and add new server properties to control the minimum iOS and Android versions separately.

    Quote Originally Posted by ken311 View Post
    Can you please explain the exact permissions and/or how we revoke these?
    Basically, there are two permissions you should temporarily remove from non-admin groups:

    1. b_channel_create_with_description
    2. b_channel_modify_description

    In the default permission set shipped with the TS3 Server (defaults.sql), these permissions are already disabled for guests. You only need to do this if you actively changed your guest group permissions.

  5. #35
    Join Date
    February 2014
    Posts
    90
    Would it be possible for you to show us a screenshot of the pop-up box that shows your client is out-of-date? Then we can give feedback on how to make it look more legitimate.

  6. #36
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    Quote Originally Posted by Patrick1164 View Post
    Would it be possible for you to show us a screenshot of the pop-up box that shows your client is out-of-date? Then we can give feedback on how to make it look more legitimate.
    Sure. Here it is:

    [Attached image: Bildschirmfoto 2015-10-11 um 11.26.15.png]

  7. #37
    Join Date
    February 2014
    Posts
    90
    I think the "This server requires a newer client version." is kinda what makes it seem non-genuine, maybe rephrasing it to something like:

    "This server has set the minimum client version to 3.0.18.1, you are currently running 3.0.18."

    "Please update your client or visit www.teamspeak.com to download the latest version in order to be able to connect to this server"

  8. #38
    Join Date
    September 2015
    Posts
    3

    2 things I'm wondering about

    hi ...
    the first thing is...why I did have no choice if I want or want not to install. Why I become a disconnect and by trying reconnecting the message says "update or you will never come back to the daylight"

    the second is an already reported problem of mine...without solution!!!!!
    I need to use TS vers. 3.0.16 because with this version I become a poke window in front of the TS window by playing a game on my first screen and TS is running on second screen. Actually the poke window opens but behind the TS window. So I can't read the message by take a look at my second screen. I need to move with my mouse over TS window and click the TS window and by this click the poke window comes into front of TS window.
    Pls don't advise me to play in window mode...that's no option for me and many other players I did know

    solong
    speedson

  9. #39
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    Quote Originally Posted by speedson View Post
    hi ...
    the first thing is...why I did have no choice if I want or want not to install. Why I become a disconnect and by trying reconnecting the message says "update or you will never come back to the daylight"

    the second is an already reported problem of mine...without solution!!!!!
    I need to use TS vers. 3.0.16 because with this version I become a poke window in front of the TS window by playing a game on my first screen and TS is running on second screen. Actually the poke window opens but behind the TS window. So I can't read the message by take a look at my second screen. I need to move with my mouse over TS window and click the TS window and by this click the poke window comes into front of TS window.
    Pls don't advise me to play in window mode...that's no option for me and many other players I did know

    solong
    speedson
    Actually, there is a solution to your problem. With client 3.0.18, we introduced an option to disable the poke dialog.

    Click Settings
    -> Options -> Never show Poke Dialog.

  10. #40
    Join Date
    August 2013
    Location
    Germany
    Posts
    318
    Quote Originally Posted by fyfywka View Post
    My friend, scanning is done only for statistics vulnerabilities, you can write to me on my mail to find all the answers.
    So you are basically scanning all servers that you find for potential security risks?

    If so, do you inform the admins that the risk does exist and is there a list of IPs used for scanning?

  11. #41
    Join Date
    April 2015
    Posts
    9

    Help

    Quote Originally Posted by ScP View Post
    We have just released a very important security update for the TeamSpeak 3 Client addressing an RFI (Remote File Inclusion) vulnerability. Please upgrade your desktop clients to version 3.0.18.1 immediately. The update is available for Windows, Linux and OS X. Mobile clients for Android and iOS are not affected by this issue.

    You can use the auto-update feature to grab this new release. If you need an installer, please refer to our Downloads page.

    Here's the full changelog:

    Code:
    === Client Release 3.0.18.1 10 Oct 2015
      ! Hotfix release to fix security vulnerability


    *** IMPORTANT ***
    We strongly recommend that all server providers and admins change the minimum desktop client version for users required to connect to the server. Unfortunately, this will also prevent mobile clients from connecting for now. We'll release updates to Google Play and the Apple App Store as soon as possible (see updates below).

    If you don't want to (or can't) increase the minimum client version on your server, you can prevent users from exploiting this vulnerability by revoking the permissions to create channels with descriptions on your server.

    There are two ways to increase the minimum client version:

    1. Update Server Settings via ServerQuery
    Use the following commands via ServerQuery (per default running on TCP port 10011) to do this:

    Code:
    // authenticate with your serveradmin account (generated during initial server start)
    login username password
    
    // change default settings for virtual servers you create in the future
    use 0           
    serveredit virtualserver_min_client_version=1444491275
    
    // repeat this for all existing virtual servers in the TeamSpeak instance
    use port=9987   
    serveredit virtualserver_min_client_version=1444491275
    use port=9988   
    serveredit virtualserver_min_client_version=1444491275
    ...
    No restart is required when you're using ServerQuery to change the settings.

    2. Update Server Settings via SQL
    If you have access to your server's database (SQLite or MySQL) you can use this SQL query to update all virtual servers at once:

    Code:
    UPDATE server_properties SET value = '1444491275' WHERE ident = 'virtualserver_min_client_version';
    You need to restart the server afterwards so the settings will be reloaded.



    We sincerely apologize for any inconvenience caused.



    *** UPDATE 01 ***
    An updated Android client has just been pushed to Google Play and will be available in the next few hours.

    *** UPDATE 02 ***
    The Android client update is now live. In addition to a new build number, it introduces Android 6.0 compatibility.
    Hello, I have a problem.

    I did all that you wrote and after the restart of my server, clients still have other versions ..

    for example:

    Nickname: Ubstiwam Hazard
    Version:3.0.16 on Windows
    Online since:7 minutes 40 seconds

    Nickname: EmPePeC
    Version:3.0.16 on Windows
    Online since:9 minutes 9 seconds

    Nickname: JohnRandom
    Version:3.0.17 on Windows
    Online since:8 minutes 37 seconds

    Nickname: Mroczek
    Version:3.0.16 on Windows
    Online since:9 minutes 27 seconds

    Nickname: Opos
    Version:3.0.17 on Windows
    Online since:9 minutes 35 seconds

    Nickname: ShayBecK.Biceps
    Version:3.0.18 on Windows
    Online since:9 minutes 51 seconds


    or even me from my iOS iPhone

    Nickname: ♣ аиoиyмουs ♣1
    Version:3.0.18 on iOS
    Online since:2 minutes 25 seconds

    please help me.
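
The ServerQuery steps quoted in the post above have to be repeated for the template (`use 0`) and for every existing virtual server. As an added example (not part of the thread and not TeamSpeak's own tooling), this Python code parses a `serverlist` reply and emits the `use`/`serveredit` pairs to send after `login`; the sample reply and all function names are constructed for illustration.

```python
import re

MIN_CLIENT_VERSION = "1444491275"  # value from the quoted announcement

# Subset of ServerQuery escape sequences, enough to decode server names.
ESCAPES = {"s": " ", "p": "|", "/": "/", "\\": "\\", "n": "\n", "t": "\t"}

# Constructed sample of a `serverlist` reply (not captured from a real server).
SAMPLE_REPLY = (
    "virtualserver_id=1 virtualserver_port=9987 virtualserver_status=online "
    "virtualserver_name=Clan\\sServer|"
    "virtualserver_id=2 virtualserver_port=9988 virtualserver_status=online "
    "virtualserver_name=Raid\\pEvents\n"
    "error id=0 msg=ok"
)


def unescape(value):
    """Decode escapes such as backslash-s (space) and backslash-p (pipe)."""
    return re.sub(r"\\(.)", lambda m: ESCAPES.get(m.group(1), m.group(1)), value)


def parse_serverlist(reply):
    """Turn a raw `serverlist` reply into one dict per virtual server."""
    servers = []
    for line in reply.splitlines():
        if not line.strip() or line.startswith("error "):
            continue  # skip blanks and the trailing status line
        for entry in line.split("|"):  # a literal pipe arrives escaped
            pairs = (token.partition("=") for token in entry.split())
            servers.append({key: unescape(val) for key, _, val in pairs})
    return servers


def build_commands(reply, min_version=MIN_CLIENT_VERSION):
    """Commands for the template (use 0) and every listed virtual server."""
    edit = "serveredit virtualserver_min_client_version=" + min_version
    commands = ["use 0", edit]
    for server in parse_serverlist(reply):
        commands += ["use port=" + server["virtualserver_port"], edit]
    return commands


if __name__ == "__main__":
    print("\n".join(build_commands(SAMPLE_REPLY)))
```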

  12. #42
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    Quote Originally Posted by comander View Post
    Hello, I have a problem.

    I did all that you wrote and after the restart of my server, clients still have other versions ..

    ...

    please help me.
    As far as I know, YaTQA - a third party TS3 administration utility - allows you to set the minimum version for all virtual servers at once:

    http://addons.teamspeak.com/director...-(German).html

  13. #43
    Join Date
    April 2012
    Posts
    13
    A good site for someone who is not good in English:
    Explains the Update very well!

    http://www.ostek.de/wordpress/?p=82

  14. #44
    Join Date
    April 2015
    Posts
    9
    Quote Originally Posted by ScP View Post
    As far as I know, YaTQA - a third party TS3 administration utility - allows you to set the minimum version for all virtual servers at once:

    http://addons.teamspeak.com/director...-(German).html
    Yes, that helped! With YaTQA you can set up the minimum version for all virtual servers at once

    for people who don't want to do it with the Query Inside, look at the Screenshot:

    [Attached image: serv.PNG]

    Quote Originally Posted by mr-brown View Post
    A good site for someone who is not good in English:
    Explains the Update very well!

    http://www.ostek.de/wordpress/?p=82
    I think you mean someone else? Because I understand English very well.

  15. #45
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    Another small update...

    I've been contacted by two people with infected systems. Both had a variant of Troj/Agent-ACIA sitting in their ProgramData directory.

    https://www.sophos.com/en-us/threat-...gent-ACIA.aspx

    To check if you're infected, check if there are any AutoIt scripts (*.au3), Visual Basic scripts (*.vbs) or suspicious executables (*.exe) in C:\ProgramData and have a look at running processes.

    Here's a list of some files you don't want to find:

    Code:
    Name         | SHA1 Checksum
    <random>.au3 | b648d925d56404c325ae3f328cdd5dcc024b9077
    <random>.exe | cae4e8c730de5a01d30aabeb3e5cb2136090ed8d
    abc.exe      | 5e6b86477ee431115ad125231606910a7fe83957
    mario.vbs    | 7bb1a4beebe6c0f4dce3f6b4734adb64bbfe167b
    In addition, if a script kiddie has tried to exploit the vulnerability in your TeamSpeak 3 Client, there's probably a file called ts3.bat in your Autostart directory. If you see this file, delete it immediately before it can unleash its evil magic...
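
The manual check described in the post above can be automated. This is an added example, not code from the thread or from TeamSpeak: it hashes `.au3`, `.vbs` and `.exe` files and compares them with the four SHA1 checksums listed above. It goes slightly further than the post by walking subfolders too, and it assumes "Autostart" means the per-user Startup folder; the function names are hypothetical.

```python
import hashlib
import os

# SHA1 checksums from the list in the post above (checksum -> name as posted).
KNOWN_BAD_SHA1 = {
    "b648d925d56404c325ae3f328cdd5dcc024b9077": "<random>.au3",
    "cae4e8c730de5a01d30aabeb3e5cb2136090ed8d": "<random>.exe",
    "5e6b86477ee431115ad125231606910a7fe83957": "abc.exe",
    "7bb1a4beebe6c0f4dce3f6b4734adb64bbfe167b": "mario.vbs",
}
SCRIPT_EXTS = {".au3", ".vbs"}  # reported even without a hash match


def sha1_of(path):
    with open(path, "rb") as fh:
        return hashlib.sha1(fh.read()).hexdigest()


def scan_tree(root, known_bad=KNOWN_BAD_SHA1):
    """Return sorted (path, reason) findings for files under root."""
    findings = []
    for folder, _dirs, files in os.walk(root):  # unreadable folders are skipped
        for name in files:
            ext = os.path.splitext(name)[1].lower()
            if ext not in SCRIPT_EXTS | {".exe"}:
                continue
            path = os.path.join(folder, name)
            try:
                checksum = sha1_of(path)
            except OSError:
                findings.append((path, "unreadable"))
                continue
            if checksum in known_bad:
                findings.append((path, "sha1 match: " + known_bad[checksum]))
            elif ext in SCRIPT_EXTS:  # .exe is reported only on a hash match
                findings.append((path, "script file"))
    return sorted(findings)


def startup_dropper(startup_dir):
    """Return the path of ts3.bat in the given Autostart folder, or None."""
    candidate = os.path.join(startup_dir, "ts3.bat")
    return candidate if os.path.isfile(candidate) else None


if __name__ == "__main__":  # Startup path below is the assumed "Autostart" folder
    startup = os.path.join(os.environ.get("APPDATA", ""),
                           "Microsoft", "Windows", "Start Menu", "Programs", "Startup")
    print(scan_tree(os.environ.get("ProgramData", r"C:\ProgramData")), startup_dropper(startup))
```

A "script file" finding is a prompt for manual review, not proof of infection; only a "sha1 match" corresponds to a file from the list above.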
