SIRCD Server 0.5.2/0.5.3 - Operator Privilege Escalation

EDB-ID:

23396

CVE:





Platform:

Multiple

Date:

2003-11-20


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/9097/info

sircd has been reported prone to a privilege escalation vulnerability. It has been reported that any user logged on to the sircd server, may set their usermode to +o, or operator mode.

An attacker may exploit this condition to hijack IRC channels or impersonate users, these privileges may aid the attacker in further attacks launched against the target server. 

MODE <nick> +o