CVE-1999-1072
Summary
Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.
- LOW
- LOCAL
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published