CVE-2004-2553

The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2553
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6
AV:N/AC:M/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
the_ignition_project / ignitionserver	0.1.2_r2	0.1.2_r2.x
the_ignition_project / ignitionserver	0.1.2	0.1.2.x
the_ignition_project / ignitionserver	0.1.2_r1	0.1.2_r1.x

http://cvs.sourceforge.net/viewcvs.py/ignition/ignitionserver/docs/security/20040302-operator-privilege-escalation.txt?view=markup
http://secunia.com/advisories/11017
http://securitytracker.com/id?1009301
http://sourceforge.net/tracker/index.php?func=detail&aid=891555&group_id=96071&atid=613526
http://www.osvdb.org/4121
http://www.securityfocus.com/bid/9783
https://exchange.xforce.ibmcloud.com/vulnerabilities/15363

Vulnerability Database

291,049

CVE-2004-2553