Vulnonym.org

CVE-1999-1072 - Eustyle Assmuncher

Description

Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.

Reference

http://marc.info/?l=bugtraq&m=91248445931140&w=2