PT-1998-1141 · Excite · Excite For Web Servers

Published

1998-11-30

Updated

2017-12-19

CVE-1999-1071

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Excite for Web Servers (EWS) version 1.1

Description The issue allows local users to gain access to Excite accounts by modifying the Architext.conf authentication file, which is installed with world-writeable permissions.

Recommendations For Excite for Web Servers (EWS) version 1.1, change the permissions of the Architext.conf file to prevent world-writeable access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1071

Affected Products

Excite For Web Servers

PT-1998-1141 · Excite · Excite For Web Servers

CVE-1999-1071

Related Identifiers

Affected Products

References · 3