The do_set_password function in modules/chanserv/set.c in IRC Services before 5.0.60 preserves channel founder privileges across a channel password change (ChanServ SET PASSWORD), which allows remote authenticated users to obtain the new password through automated e-mail, or perform privileged actions without knowing the new password.
References
Configurations
History
No history.
Information
Published : 2007-06-15 01:30
Updated : 2025-04-09 00:30
NVD link : CVE-2007-3246
Mitre link : CVE-2007-3246
CVE.ORG link : CVE-2007-3246
JSON object : View
Products Affected
irc_services
- irc_services
CWE