1. Home
  2. CVE Database
  3. CVE-1999-1073
HIGH · 7.2

CVE-1999-1073

Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a bru...

Vulnerability Description

Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
ExciteEws1.1

References

FAQ

What is CVE-1999-1073?

CVE-1999-1073 is a vulnerability with a CVSS score of 7.2 (HIGH). Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a bru...

How severe is CVE-1999-1073?

CVE-1999-1073 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-1999-1073?

Check the references section above for vendor advisories and patch information. Affected products include: Excite Ews.