CVE-1999-1071

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Nov 30, 1998
Updated: Nov 20, 2024

Summary

CVE-1999-1071 is a vulnerability affecting Excite for Web Servers (EWS) version 1.1. The issue arises due to the installation of the Architext.conf authentication file with world-writeable permissions. An attacker can exploit this vulnerability by modifying the file locally, allowing unauthorized access to Excite accounts. This flaw poses a significant risk to system security, as it enables local users to gain unintended access to sensitive information. It is crucial for users to update their EWS installation or apply appropriate file permissions to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share