CVE-2010-3383

NameCVE-2010-3383
DescriptionThe (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs598304, 598305

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
teamspeak-clientsource(unstable)2.0.32-3.1low598304
teamspeak-serversource(unstable)2.0.24.1+debian-1.1low598305

Notes

[lenny] - teamspeak-client <no-dsa> (Non-free not supported)
[lenny] - teamspeak-server <no-dsa> (Non-free not supported)

Search for package or bug name: Reporting problems