1. Home
  2. CVE Database
  3. CVE-1999-1072
HIGH · 7.2

CVE-1999-1072

Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted passwo...

Vulnerability Description

Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
ExciteEws1.1

References

FAQ

What is CVE-1999-1072?

CVE-1999-1072 is a vulnerability with a CVSS score of 7.2 (HIGH). Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted passwo...

How severe is CVE-1999-1072?

CVE-1999-1072 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-1999-1072?

Check the references section above for vendor advisories and patch information. Affected products include: Excite Ews.