There have been a number of security holes in older versions of MT. I think getting to MT 6.3 patch 16 takes care of all I am aware of. Remember, the 6/7.x MT architecture is completely different than the 5.x. Rick _____
From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Axton Sent: Tuesday, January 16, 2007 3:25 PM To: arslist@ARSLIST.ORG Subject: Re: Remedy Vulnerability ** Enumeration implies a full list of accounts can be retrieved. This individual seems to have a track record of exploit discoveries: http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0547.html http://www.security-express.com/archives/fulldisclosure/2004-09/0189.html <http://www.security-express.com/archives/fulldisclosure/2004-09/0189.html> http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-09/0072.ht ml http://www.securitytracker.com/alerts/2004/Feb/1009069.html and on and on... In any case, I've added it to the list on arswiki: http://arswiki.org/wiki/ARS_Vulnerabilities <http://arswiki.org/wiki/ARS_Vulnerabilities> Axton Grams On 1/16/07, David Yearsley <[EMAIL PROTECTED]> wrote: ** One of our security people found this website http://www.securityfocus.com/bid/22066/discuss and is very. We have not been on version 5.01.02 for sometime and I was wondering if this vulnerability has been address in later version? Thanks for any information. __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
