Ews Security Vulnerabilities and Issues — Ews CVE List

Lucene search

ExciteEws

4 matches found

CVE•added 1999/09/29 4:0 a.m.•54 views

CVE-1999-0279

Excite for Web Servers (EWS) allows remote command execution via shell metacharacters.

7.5CVSS7.3AI score0.01171EPSS

CVE•added 2001/09/12 4:0 a.m.•47 views

CVE-1999-1072

Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.

7.2CVSS7.1AI score0.00183EPSS

CVE•added 2001/09/12 4:0 a.m.•37 views

CVE-1999-1071

Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file.

7.2CVSS7.5AI score0.00048EPSS

CVE•added 2001/09/12 4:0 a.m.•29 views

CVE-1999-1073

Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack.

7.2CVSS7.3AI score0.00067EPSS