Описание
The do_set_password function in modules/chanserv/set.c in IRC Services before 5.0.60 preserves channel founder privileges across a channel password change (ChanServ SET PASSWORD), which allows remote authenticated users to obtain the new password through automated e-mail, or perform privileged actions without knowing the new password.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 5.0.60 (включая)
cpe:2.3:a:irc_services:irc_services:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00566
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The do_set_password function in modules/chanserv/set.c in IRC Services before 5.0.60 preserves channel founder privileges across a channel password change (ChanServ SET PASSWORD), which allows remote authenticated users to obtain the new password through automated e-mail, or perform privileged actions without knowing the new password.
EPSS
Процентиль: 68%
0.00566
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other