Selon Alexander Dalloz <alexander.dalloz@xxxxxxxxxxxxxxxx>: > Am Fr, den 15.10.2004 schrieb François Patte um 19:46: > > > > > * Application version scan > > > > - GnuPG 1.2.3 [ > Vulnerable > > > ] > > > > - Apache 2.0.47 [ > Vulnerable > > > ] > > > > - OpenSSL 0.9.7a [ > Vulnerable > > > ] > > > > - PHP 4.3.3 [ > Vulnerable > > > ] > > > > - OpenSSH 3.6.1p2 [ > Vulnerable > > > ] > > > > http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/gnupg-1.2.3-2.i386.rpm > > > > > > http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/httpd-2.0.51-1.4.legacy.i386.rpm > > > > > > http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/openssl-0.9.7a-33.10.i386.rpm > > > > > > http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/php-4.3.8-1.1.i386.rpm > > > Something is wrong in rkhunter: > > > > rpm -q gnupg > > gnupg-1.2.3-2 > > > > rpm -q httpd > > le paquetage httpd n'est pas installé > > > > rpm -q openssl > > openssl-0.9.7a-33.10 > > > > rpm -q php > > le paquetage php n'est pas installé > > > > rpm -q openssh > > openssh-3.6.1p2-19 > > > François Patte > > Yes, that is indeed curious. You really checked the same system? How > should rkhunter detect the initial Apache2 version of FC1 > > http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/os/i386/httpd-2.0.47-10.i386.rpm > > if this package isn't even installed. Along with the the detected PHP > version > > http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/os/i386/php-4.3.3-6.i386.rpm > No, these package haven't been installed: it is a very minimal system only used to be an interface beetween a private network and the internet! -- François Patte Ecole française d'Extrême-Orient - Pune - Inde Université René Descartes - Paris 5 UFR de mathématiques et informatique http://www.math-info.univ-paris5.fr/~patte
