Forum

Page 1 of 2 12 LastLast
Results 1 to 15 of 84

Hybrid View

  1. #1
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370

    Exclamation [SECURITY UPDATE] TeamSpeak 3 Client 3.0.18.1 is Available

    We have just released a very important security update for the TeamSpeak 3 Client addressing a RFI (Remote File Inclusion) vulnerability. Please upgrade your desktop clients to version 3.0.18.1 immediately. The update is available for Windows, Linux and OS X. Mobile clients for Android and iOS are not affected by this issue.

    You can use the auto-update feature to grab this new release. If you need an installer, please refer to our Downloads page.

    Here's the full changelog:

    Code:
    === Client Release 3.0.18.1 10 Oct 2015
      ! Hotfix release to fix security vulnerability


    *** IMPORTANT ***
    We strongly recommend that all server providers and admins change the minimum desktop client version for users required to connect to the server. Unfortunately, this will also prevent mobile clients to connect for now. We'll release updates to Google Play and the Apple App Store as soon as possible (see updates below).

    If you don't want to (or can't) increase the minimum client version on your server, you can prevent users from exploiting this vulnerability by revoking the permissions to create channels with descriptions on your server.

    There are two ways to increase the minimum client version:

    1. Update Server Settings via ServerQuery
    Use the following commands via ServerQuery (per default running on TCP port 10011) to do this:

    Code:
    // authenticate with your serveradmin account (generated during initial server start)
    login username password
    
    // change default settings for virtual servers you create in the future
    use 0           
    serveredit virtualserver_min_client_version=1444491275
    
    // repeat this for all existing virtual servers in the TeamSpeak instance
    use port=9987   
    serveredit virtualserver_min_client_version=1444491275
    use port=9988   
    serveredit virtualserver_min_client_version=1444491275
    ...
    No restart is required when you're using ServerQuery to change the settings.

    2. Update Server Settings via SQL
    If you have access to your servers database (SQLite or MySQL) you can use this SQL query to update all virtual servers at once:

    Code:
    UPDATE server_properties SET value = '1444491275' WHERE ident = 'virtualserver_min_client_version';
    You need to restart the server afterwards so the settings will be reload.



    We sincerely apologize for any inconvenience caused.



    *** UPDATE 01 ***
    An updated Android client has just been pushed to Google Play and will be available in the next few hours.

    *** UPDATE 02 ***
    The Android client update is now live. In addition to a new build number, it introduces Android 6.0 compatibility.

    *** UPDATE 03 ***
    The iOS client has been sumbitted to the Apple App Store and we're waiting for approval.
    Apple usual needs 7-14 days for this.
    Last edited by dante696; October 19th, 2015 at 09:35 AM. Reason: added details about ios approval

  2. #2
    Join Date
    March 2014
    Posts
    12
    Will setting the virtualserver_min_client_version affect mobile clients connections?

  3. #3
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    Quote Originally Posted by Kubuxu View Post
    Will setting the virtualserver_min_client_version affect mobile clients connections?
    Unfortunately, it does. Upcoming server versions will allow you to specify the minimum client version for Android and iOS separate from the desktop version.

    Quote Originally Posted by ahmedkoki View Post
    I am updating it now but why is it that important?
    Well... previous client versions were affected by a vulnerability that allowed an attacker to download malicious files to your computer. So this is very serious. We strongly recommend that everyone updates their clients before the way to exploit this is publicly known.
    Last edited by ScP; October 10th, 2015 at 08:47 PM.

  4. #4
    Join Date
    July 2013
    Posts
    2

  5. #5
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    My best guess is that this is an UAC issue because you did not start the installer in elevated mode or the TS3 Client is currently running (but I don't see that on your screenshot)... The installer itself seems to be OK since I am unable to reproduce this error on any of my systems.

    Please note that you can also use the auto update feature by starting the TS3 Client and hitting Help -> Check for Update.

  6. #6
    Join Date
    October 2015
    Posts
    3
    I was affected by this attack.

    Could the attacker also execute the files? Or just download?

  7. #7
    Join Date
    August 2014
    Posts
    5
    I am updating it now but why is it that important?

  8. #8
    Join Date
    October 2015
    Posts
    1
    Quote Originally Posted by ScP View Post
    If you don't want to (or can't) increase the minimum client version on your server, you can prevent users from exploiting this vulnerability by revoking the permissions to create channels with descriptions on your server.
    Can you please explain the exact permissions and or how we revoke these?

  9. #9
    Join Date
    April 2015
    Posts
    9

    Help

    Quote Originally Posted by ScP View Post
    We have just released a very important security update for the TeamSpeak 3 Client addressing a RFI (Remote File Inclusion) vulnerability. Please upgrade your desktop clients to version 3.0.18.1 immediately. The update is available for Windows, Linux and OS X. Mobile clients for Android and iOS are not affected by this issue.

    You can use the auto-update feature to grab this new release. If you need an installer, please refer to our Downloads page.

    Here's the full changelog:

    Code:
    === Client Release 3.0.18.1 10 Oct 2015
      ! Hotfix release to fix security vulnerability


    *** IMPORTANT ***
    We strongly recommend that all server providers and admins change the minimum desktop client version for users required to connect to the server. Unfortunately, this will also prevent mobile clients to connect for now. We'll release updates to Google Play and the Apple App Store as soon as possible (see updates below).

    If you don't want to (or can't) increase the minimum client version on your server, you can prevent users from exploiting this vulnerability by revoking the permissions to create channels with descriptions on your server.

    There are two ways to increase the minimum client version:

    1. Update Server Settings via ServerQuery
    Use the following commands via ServerQuery (per default running on TCP port 10011) to do this:

    Code:
    // authenticate with your serveradmin account (generated during initial server start)
    login username password
    
    // change default settings for virtual servers you create in the future
    use 0           
    serveredit virtualserver_min_client_version=1444491275
    
    // repeat this for all existing virtual servers in the TeamSpeak instance
    use port=9987   
    serveredit virtualserver_min_client_version=1444491275
    use port=9988   
    serveredit virtualserver_min_client_version=1444491275
    ...
    No restart is required when you're using ServerQuery to change the settings.

    2. Update Server Settings via SQL
    If you have access to your servers database (SQLite or MySQL) you can use this SQL query to update all virtual servers at once:

    Code:
    UPDATE server_properties SET value = '1444491275' WHERE ident = 'virtualserver_min_client_version';
    You need to restart the server afterwards so the settings will be reload.



    We sincerely apologize for any inconvenience caused.



    *** UPDATE 01 ***
    An updated Android client has just been pushed to Google Play and will be available in the next few hours.

    *** UPDATE 02 ***
    The Android client update is now live. In addition to a new build number, it introduces Android 6.0 compatibility.
    Hello, i have a Problem.

    i did all what you wrote and after the restart of my server clients still have other versions ..

    for example:

    Nickname: Ubstiwam Hazard
    Version:3.0.16 on Windows
    Online since:7 minutes 40 seconds

    Nickname: EmPePeC
    Version:3.0.16 on Windows
    Online since:9 minutes 9 seconds

    Nickname: JohnRandom
    Version:3.0.17 on Windows
    Online since:8 minutes 37 seconds

    Nickname: Mroczek
    Version:3.0.16 on Windows
    Online since:9 minutes 27 seconds

    Nickname: Opos
    Version:3.0.17 on Windows
    Online since:9 minutes 35 seconds

    Nickname: ShayBecK.Biceps
    Version:3.0.18 on Windows
    Online since:9 minutes 51 seconds


    or even me from my ios iphone

    Nickname: ♣ аиoиyмουs ♣1
    Version:3.0.18 on iOS
    Online since:2 minutes 25 seconds

    please help me.

  10. #10
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    Quote Originally Posted by comander View Post
    Hello, i have a Problem.

    i did all what you wrote and after the restart of my server clients still have other versions ..

    ...

    please help me.
    As far as I know, YaTQA - a third party TS3 administration utility - allows you to set the minimum version for all virtual servers at once:

    http://addons.teamspeak.com/director...-(German).html

  11. #11
    Join Date
    April 2015
    Posts
    9
    Quote Originally Posted by ScP View Post
    As far as I know, YaTQA - a third party TS3 administration utility - allows you to set the minimum version for all virtual servers at once:

    http://addons.teamspeak.com/director...-(German).html
    Yes that helped! with YaTQA you can set up the minimum version for all virtual servers at once

    for people who don't want to do it with the Query Inside, look at the Screenshot:

    Click image for larger version. 

Name:	serv.PNG 
Views:	435 
Size:	86.6 KB 
ID:	13017

    Quote Originally Posted by mr-brown View Post
    A good site for someone you is not good in english:
    Explains the Update very well!

    http://www.ostek.de/wordpress/?p=82
    i think you mean someone else? because i understand english very well.

  12. #12
    Join Date
    October 2003
    Location
    Germany
    Posts
    2,370
    Another small update...

    I've been contacted by two people with infected systems. Both had a variant of Troj/Agent-ACIA sitting in their ProgramData directory.

    https://www.sophos.com/en-us/threat-...gent-ACIA.aspx

    To check if you're infected, check if there are any AutoIt scripts (*.au3), Visual Basic scripts (*.vbs) or suspicious executables (*.exe) in C:\ProgramData and have a look at running processes.

    Here's a list of some files you don't want to find:

    Code:
    Name         | SHA1 Checksum
    <random>.au3 | b648d925d56404c325ae3f328cdd5dcc024b9077
    <random>.exe | cae4e8c730de5a01d30aabeb3e5cb2136090ed8d
    abc.exe      | 5e6b86477ee431115ad125231606910a7fe83957
    mario.vbs    | 7bb1a4beebe6c0f4dce3f6b4734adb64bbfe167b
    In addition, if a script kiddie has tried to exploit the vulnerability in your TeamSpeak 3 Client, there's probably a file called ts3.bat in your Autostart directory. If you see this file, delete it immediately before it can unleash its evil magic...

  13. #13
    Join Date
    February 2014
    Posts
    90
    Quote Originally Posted by ScP View Post
    Another small update...

    I've been contacted by two people with infected systems. Both had a variant of Troj/Agent-ACIA sitting in their ProgramData directory.

    https://www.sophos.com/en-us/threat-...gent-ACIA.aspx

    To check if you're infected, check if there are any AutoIt scripts (*.au3), Visual Basic scripts (*.vbs) or suspicious executables (*.exe) in C:\ProgramData and have a look at running processes.

    Here's a list of some files you don't want to find:

    Code:
    Name         | SHA1 Checksum
    <random>.au3 | b648d925d56404c325ae3f328cdd5dcc024b9077
    <random>.exe | cae4e8c730de5a01d30aabeb3e5cb2136090ed8d
    abc.exe      | 5e6b86477ee431115ad125231606910a7fe83957
    mario.vbs    | 7bb1a4beebe6c0f4dce3f6b4734adb64bbfe167b
    In addition, if a script kiddie has tried to exploit the vulnerability in your TeamSpeak 3 Client, there's probably a file called ts3.bat in your Autostart directory. If you see this file, delete it immediately before it can unleash its evil magic...
    Just some more info, if you were running Malwarebytes when starting your PC if you had ts3.bat it would prevent the .exe from getting downloaded. You'll then only have the .vbs and .bat to clear. The .exe & .au3 would not be present. It's likely that some other anti-virus software would have prevented this too.

  14. #14
    Join Date
    October 2015
    Location
    Bonn
    Posts
    1

    Short question on the value for virtualserver_min_client_version

    Quote Originally Posted by ScP View Post

    ...

    // change default settings for virtual servers you create in the future
    use 0
    serveredit virtualserver_min_client_version=[COLOR=#ff0000]1444491275

    ...
    As the directive virtualserver_min_client_version takes it's value in another notation than the "official" client version numbering used (e.g. 3.0.18.1) - what is the conversion formula, so we can do it on our own? I guess it is the unix timestamp of the build, but I just want to make sure

    UTC : 2015-10-10 15:34:35 +0000 UTC
    Local : 2015-10-10 17:34:35 +0200 CEST
    Unix : 1444491275

    Thanks in advance
    __Thorn__
    Attached Images Attached Images  

  15. #15
    Join Date
    June 2008
    Posts
    14,560
    Yes it is the unix timestamp
    When sending me private messages: Please make sure to include reference link to your forum thread or post.

    TeamSpeak FAQ || What should i report, when i open a client thread? ||NPL (Registration)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 0
    Last Post: August 13th, 2015, 05:01 AM
  2. Cannot Update TeamSpeak 3 Client
    By FazzaR in forum Bug Reports [EN/DE]
    Replies: 2
    Last Post: May 24th, 2011, 08:01 AM
  3. TeamSpeak 3 Client Update failing at 59%.
    By rifter in forum Windows
    Replies: 4
    Last Post: May 17th, 2011, 04:24 PM
  4. Replies: 5
    Last Post: October 29th, 2010, 05:53 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •