Important Security Notice for all versions of MX
Matt Madison
versions of MX V4 and V5, which could allow a malicious user
to execute arbitrary DCL commands with elevated system privileges.
ECO kits have been published for the following MX releases:
Supported releases:
MX V5.3: ftp://ftp.madgoat.com/mx/mx053/ecos/eco02_mx053.zip
MX V5.2: ftp://ftp.madgoat.com/mx/mx052/ecos/eco09_mx052.zip
Releases no longer supported:
MX V5.1A: ftp://ftp.madgoat.com/mx/mx051-a/ecos/mx051-a_eco06.zip
MX V5.1: ftp://ftp.madgoat.com/mx/mx051/ecos/mx051_eco17.zip
MX V4.2 (freeware): ftp://ftp.madgoat.com/mx/mx042/secupd/mx042_secupd.zip
If you are still running an unsupported V5 release, we recommend
upgrading to MX V5.3 and installing the ECO 2 kit for V5.3; upgrades
are covered by your existing MX V5 license at no additional charge.
However, if an updgrade is not possible, the ECO kits listed above
can be used to eliminate the potential vulnerability.
Please note that as always, these ZIP files are in VMS ZIP format
and must be unzipped on a VMS system to create files with the
correct file attributes. A copy of VMS UNZIP is also available
from ftp.madgoat.com.
If you have trouble downloading or installing these updates, or are
running a version of MX that is not listed here, please contact us
at mx-secu...@madgoat.com.
--
Matthew Madison | MadGoat Software | PO Box 556, Santa Cruz, CA 95061 USA
mad...@madgoat.com http://www.madgoat.com