rkhunter

Michael Schwendt fedora at wir-sind-cool.org
Fri Oct 15 13:36:28 UTC 2004


On Fri, 15 Oct 2004 13:43:25 +0200, François Patte wrote:

> 
> Bonjour,
> 
> who has experienced rkhunter? I have just installed it and tried and everything
> seems ok on my machine, expect these warning messages:
> 
> * Application version scan
>    - GnuPG 1.2.3                                              [ Vulnerable ]
>    - Apache 2.0.47                                            [ Vulnerable ]
>    - OpenSSL 0.9.7a                                           [ Vulnerable ]
>    - PHP 4.3.3                                                [ Vulnerable ]
>    - OpenSSH 3.6.1p2                                          [ Vulnerable ]

> Are fedoralegacy mirrors not up to date or rkhunter is wrong?

The latter. It makes false assumptions about version numbers and doesn't
know about backported security fixes.

  http://www.redhat.com/advice/speaks_backport.html

The fedora.us package of rkhunter has this check disabled by default.

-- 
Fedora Core release 2 (Tettnang) - Linux 2.6.8-1.541
loadavg: 0.00 0.02 0.07




More information about the fedora-list mailing list