CVE-1999-1072
CVSS 2.0 Score 7.2 of 10 (high)
Details
Published Nov 30, 1998
Updated: Nov 20, 2024
Summary
CVE-1999-1072 is a vulnerability affecting Excite for Web Servers (EWS) version 1.1. This issue grants local users the ability to elevate their privileges by extracting encrypted passwords from the world-readable Architext.conf file. They can then reuse these encrypted passwords to authenticate and access sensitive data through AT-generated.cgi or AT-admin.cgi. This exposure of confidential information allows unauthorized access and potential system compromise.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Excite Japan Co.,Ltd.