CVE-2005-1640 Information

Description

mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6 and possibly earlier versions does not properly verify whether a host has the owner privileges required to delete IRC channel access entries which allows remote attackers to bypass intended restrictions.

Reference

http://secunia.com/advisories/15388 http://www.ignition-project.com/security/20050414-hosts-delete-owner-access-entries