CVE-1999-1073

Name of the Vulnerable Software and Affected Versions Excite for Web Servers (EWS) version 1.1

Description The issue allows an attacker to more easily guess passwords via brute force or dictionary attacks because the first two characters of a plaintext password are recorded in the beginning of the encrypted password.

Recommendations For Excite for Web Servers (EWS) version 1.1, consider changing passwords to strong, unique ones and restricting access to sensitive areas of the web server until a fix is available. As a temporary workaround, restrict the use of weak passwords and monitor for suspicious login attempts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.