Forum Thread: TeamViewer Denial of Service Vulnerability

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
TeamViewer Denial of Service Vulnerability

Secunia TeamViewer Denial of Service Vulnerability
Secunia Official 22nd May, 2010 13:51
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
fl0 fl0w has discovered a vulnerability in TeamViewer, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the connection handling, which can be exploited to render a system unresponsive and cause a crash of the application by sending a large amount of specially crafted data to port 5938/TCP.

The vulnerability is confirmed in version 5.0.8232. Other versions may also be affected.

This user no longer exists RE: TeamViewer Denial of Service Vulnerability
Member 22nd May, 2010 13:51
Last edited on 22nd May, 2010 13:51 this bug was found by Luigi Auriemma in February 2009
http://aluigi.altervista.org/poc/teamvieweird.zip
Was this reply relevant?
+1
-0

Leendert Kip

TeamViewer Denial of Service Vulnerability
[+]
This reply has been minimised due to a negative Relevancy Score.

This user no longer exists

RE: TeamViewer Denial of Service Vulnerability
[+]
This reply has been minimised due to a negative Relevancy Score.

Leendert Kip

TeamViewer Denial of Service Vulnerability
[+]
This reply has been minimised due to a negative Relevancy Score.
jgrimmster RE: TeamViewer Denial of Service Vulnerability
Member 24th Jun, 2010 19:22
Score: 2
Posts: 1
User Since: 24th Jun 2010
System Score: N/A
Location: US
Per TeamViewer support this vulnerability has been patched in v5.0.8539.
Was this reply relevant?
+2
-0
ELBE RE: TeamViewer Denial of Service Vulnerability
Member 2nd Jul, 2010 08:01
Score: 4
Posts: 11
User Since: 20th Jul 2009
System Score: N/A
Location: DE
Last edited on 2nd Jul, 2010 08:01
new v5.0.8625 has been released
Was this reply relevant?
+2
-0
opherko RE: TeamViewer Denial of Service Vulnerability
Member 31st Jul, 2010 16:58
Score: 3
Posts: 2
User Since: 31st Jul 2010
System Score: N/A
Location: US
Last edited on 31st Jul, 2010 16:58
TeamViewer v4.1.8107 is the latest version of the 4.x series (released 3/22/2010) however it still remains unpatched per PSI. Updating to v.5.x for the commercial product can be a significant expense. TeamViewer should patch v.4.x for insecurities instead of trapping customers into paying for a new update to secure their product.
Was this reply relevant?
+1
-0