Vulnerabilities > CVE-1999-1071 - Unspecified vulnerability in Excite EWS 1.1

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

excite

NVD

Published: 1998-11-30

Updated: 2017-12-19

Summary

Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file.

Vulnerable Configurations

Part	Description	Count
Application	Excite Excite EWS 1.1	1

References

http://marc.info/?l=bugtraq&m=91248445931140&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/1417