Rootkithunter on FC1/FC2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

I've recently installed RootkitHunter on my FC1/2
machines and am concerned how it finds some vulnerable
packages.

A standard run on FC1 produces:

* Application version scan
   - GnuPG 1.2.3                                      
       [ Vulnerable ]
   - Apache 2.0.50                                    
       [ OK ]
   - Bind DNS [unknown]                               
       [ OK ]
   - OpenSSL 0.9.7a                                   
       [ Vulnerable ]
   - PHP 4.3.8                                        
       [ OK ]
   - Procmail MTA 3.22                                
       [ OK ]
   - OpenSSH 3.6.1p2                                  
       [ Vulnerable ]

A standard run on FC2 produces:

* Application version scan
   - GnuPG 1.2.4                                      
       [ OK ]
   - Apache 2.0.50                                    
       [ OK ]
   - Bind DNS [unknown]                               
       [ OK ]
   - OpenSSL 0.9.7a                                   
       [ Vulnerable ]
   - PHP 4.3.8                                        
       [ OK ]
   - Procmail MTA 3.22                                
       [ OK ]
   - OpenSSH 3.6.1p2                                  
       [ Vulnerable ]

RKhunter doesn't say what vulnerabilities exist in
these packages, but since they do have vulnerabilities
why don't Fedora patch these?

Michael.


Find local movie times and trailers on Yahoo! Movies.
http://au.movies.yahoo.com
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux