MidnightBSD

Advisories for the_ignition_project

CVE-2004-2431 HIGH

Unknown vulnerability in The Ignition Project ignitionServer 0.1.2 through 0.3.1, with the linking service enabled, allows remote attackers to bypass authentication.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
the_ignition_project ignitionserver 0.2.2_brc2
the_ignition_project ignitionserver 0.2.3_brc3
the_ignition_project ignitionserver 0.3.1_b1
the_ignition_project ignitionserver 0.1.2_r2
the_ignition_project ignitionserver 0.2.1_brc1
the_ignition_project ignitionserver 0.1.2
CVE-2004-2553 MEDIUM

The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
the_ignition_project ignitionserver 0.1.2_r1
the_ignition_project ignitionserver 0.1.2_r2
the_ignition_project ignitionserver 0.1.2
CVE-2005-1640 HIGH

mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel access entries, which allows remote attackers to bypass intended restrictions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
the_ignition_project ignitionserver 0.3.6
the_ignition_project ignitionserver 0.3.0
the_ignition_project ignitionserver 0.3.1
the_ignition_project ignitionserver 0.3.5
the_ignition_project ignitionserver 0.3.3
the_ignition_project ignitionserver 0.3.2
the_ignition_project ignitionserver 0.3.4
CVE-2005-1641 LOW

mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not allow protected operators to access channels that have been locked out by a key, which allows IRC users to cause a denial of service.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
the_ignition_project ignitionserver 0.3.6
the_ignition_project ignitionserver 0.3.0
the_ignition_project ignitionserver 0.3.1
the_ignition_project ignitionserver 0.3.5
the_ignition_project ignitionserver 0.3.3
the_ignition_project ignitionserver 0.3.2
the_ignition_project ignitionserver 0.3.4