RSS   Podatności dla 'EWS'   RSS

1998-11-30
 
CVE-1999-1073

 

 
Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack.

 
 
CVE-1999-1072

 

 
Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.

 
 
CVE-1999-1071

CWE-Other
 

 
Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file.

 
1998-01-01
 
CVE-1999-0279

 

 
Excite for Web Servers (EWS) allows remote command execution via shell metacharacters.

 


Copyright 2024, cxsecurity.com

 

Back to Top