Ignition · Ignitionserver · CVE-2004-2553
**Name of the Vulnerable Software and Affected Versions**
The Ignition Project ignitionServer versions 0.1.2 through 0.1.2-R2
**Description**
The issue allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges. This is achieved by using the unofficial `umode` command with the `+ORD` argument.
**Recommendations**
For versions 0.1.2 through 0.1.2-R2, consider restricting access to the `umode` command or removing the `+ORD` argument functionality to prevent exploitation until a patch is available.