CVE-2004-2553
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
71.5%
The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| the_ignition_project | ignitionserver | 0.1.2 | cpe:2.3:a:the_ignition_project:ignitionserver:0.1.2:*:*:*:*:*:*:* |
| the_ignition_project | ignitionserver | 0.1.2_r1 | cpe:2.3:a:the_ignition_project:ignitionserver:0.1.2_r1:*:*:*:*:*:*:* |
| the_ignition_project | ignitionserver | 0.1.2_r2 | cpe:2.3:a:the_ignition_project:ignitionserver:0.1.2_r2:*:*:*:*:*:*:* |
References
cvs.sourceforge.net/viewcvs.py/ignition/ignitionserver/docs/security/20040302-operator-privilege-escalation.txt?view=markup
secunia.com/advisories/11017
securitytracker.com/id?1009301
sourceforge.net/tracker/index.php?func=detail&aid=891555&group_id=96071&atid=613526
www.osvdb.org/4121
www.securityfocus.com/bid/9783
exchange.xforce.ibmcloud.com/vulnerabilities/15363
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
71.5%