PT-2005-2617 · Ignition · Ignitionserver

Publicado

2005-05-17

Atualizado

2008-09-05

CVE-2005-1640

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions The Ignition Project ignitionServer versions 0.3.0 through 0.3.6

Description The issue concerns a problem with verifying owner privileges for deleting IRC channel access entries. This allows remote attackers to bypass intended restrictions.

Recommendations For versions 0.3.0 through 0.3.6, consider restricting access to the mod channel.bas module to minimize the risk of exploitation until a proper fix is applied.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-1640

Produtos afetados

Ignitionserver

PT-2005-2617 · Ignition · Ignitionserver

CVE-2005-1640

Identificadores relacionados

Produtos afetados

Referências · 3