[原文]The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument.
ignitionServer umode Command Global Operator Privilege Escalation
Local Access Required
Loss of Integrity
ignitionServer contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a local operator uses an undocumented command to escalate privileges to global operator.
Upgrade to version 0.2.1-BRC1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.