Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1072

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-1999-1072
Last Modified 05 Sep 2008 04:18:39
Published 30 Nov 1998 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1072

Summary

Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.

Vulnerable Systems

Application

  • Excite Ews 1.1


References

BUGTRAQ - 19981130 Security bugs in Excite for Web Servers 1.1


Last Updated: 27 May 2016 10:35:16