PT-1998-1142 · Excite · Excite For Web Servers

Published: 1998-11-30 · Updated: 2016-10-18 · CVE-1999-1072

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Excite for Web Servers (EWS) version 1.1

Description

The issue allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to the "AT-generated.cgi" or "AT-admin.cgi" endpoints, using the password variable.

Recommendations

For Excite for Web Servers (EWS) version 1.1, consider restricting access to the Architext.conf file to prevent local users from obtaining the encrypted password, and limit access to the "AT-generated.cgi" and "AT-admin.cgi" endpoints to minimize the risk of exploitation.
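One way to carry out the file-permission part of this recommendation, as an added example that is not part of the original advisory or of the Excite software: the script below finds every Architext.conf under a given directory that grants any permission to "other" users and, on request, strips those bits. The install root passed on the command line and the choice to remove only the "other" bits (leaving owner and group access unchanged) are assumptions.

```python
import os
import stat
import sys

CONF_NAME = "Architext.conf"  # file name taken from the advisory


def audit_conf_files(root, fix=False):
    """Find Architext.conf files under root that grant access to 'other'.

    Returns a list of (path, current_mode, tightened_mode). With fix=True
    the tightened mode is applied with chmod. `root` is an assumption: pass
    the directory where EWS is installed on the host being checked.
    """
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if CONF_NAME not in filenames:
            continue
        path = os.path.join(dirpath, CONF_NAME)
        st = os.lstat(path)
        if not stat.S_ISREG(st.st_mode):
            continue  # symlinks and special files need manual review
        current = stat.S_IMODE(st.st_mode)
        if current & stat.S_IRWXO == 0:
            continue  # already closed to other local users
        tightened = current & ~stat.S_IRWXO  # drop r/w/x for 'other' only
        if fix:
            os.chmod(path, tightened)
        findings.append((path, current, tightened))
    return findings


if __name__ == "__main__":
    # Usage: script.py <install-root> [--fix]
    if len(sys.argv) < 2:
        sys.exit("usage: script.py <install-root> [--fix]")
    apply_fix = "--fix" in sys.argv[2:]
    results = audit_conf_files(sys.argv[1], fix=apply_fix)
    for path, current, tightened in results:
        action = "changed to" if apply_fix else "should be"
        print(f"{path}: mode {current:04o} {action} {tightened:04o}")
    # Non-zero exit when exposed files were found and not fixed
    sys.exit(1 if results and not apply_fix else 0)
```

If the CGI programs run under an account that is neither the owner nor in the group of the file, adjust ownership before removing the "other" bits so the software can still read its own configuration.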

Fix


Related Identifiers

CVE-1999-1072

Affected Products

Excite For Web Servers