Enumeration implies a full list of accounts can be retrieved.
This individual seems to have a track record of exploit discoveries: http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0547.html http://www.security-express.com/archives/fulldisclosure/2004-09/0189.html http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-09/0072.html http://www.securitytracker.com/alerts/2004/Feb/1009069.html and on and on... In any case, I've added it to the list on arswiki: http://arswiki.org/wiki/ARS_Vulnerabilities Axton Grams On 1/16/07, David Yearsley <[EMAIL PROTECTED]> wrote:
** One of our security people found this website http://www.securityfocus.com/bid/22066/discuss and is very. We have not been on version 5.01.02 for sometime and I was wondering if this vulnerability has been address in later version? Thanks for any information. __20060125_______________________This posting was submitted with HTML in it___
_______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
