Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2553

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2004-2553
Last Modified 07 Mar 2011 09:19:01
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2004-2553

Summary

The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument.

Vulnerable Systems

Application

  • The Ignition Project Ignitionserver 0.1.2

  • The Ignition Project Ignitionserver 0.1.2 R1

  • The Ignition Project Ignitionserver 0.1.2 R2


References

BID - 9783

SECTRACK - 1009301

SECUNIA - 11017

XF - ignition-server-gain-privileges(15363)

OSVDB - 4121

MISC - http://sourceforge.net/tracker/index.php?func=detail&aid=891555&group_id=96071&atid=613526

CONFIRM - http://cvs.sourceforge.net/viewcvs.py/ignition/ignitionserver/docs/security/20040302-operator-privilege-escalation.txt?view=markup


Last Updated: 27 May 2016 10:39:32