rkhunter
François Patte
Francois.Patte at math-info.univ-paris5.fr
Fri Oct 15 17:46:44 UTC 2004
Selon Alexander Dalloz <alexander.dalloz at uni-bielefeld.de>:
> Am Fr, den 15.10.2004 schrieb François Patte um 13:43:
>
> > * Application version scan
> > - GnuPG 1.2.3 [ Vulnerable
> ]
> > - Apache 2.0.47 [ Vulnerable
> ]
> > - OpenSSL 0.9.7a [ Vulnerable
> ]
> > - PHP 4.3.3 [ Vulnerable
> ]
> > - OpenSSH 3.6.1p2 [ Vulnerable
> ]
> >
> > I'm running fc1 and tried to update these soft but yum answer is that
> everything
> > in installed in the latest version...
> >
> > Are fedoralegacy mirrors not up to date or rkhunter is wrong?
>
> The mirrors are up to date. Besides the nonsense which rkhunter reports
> - a tool which only checks version numbers is crap - there are updates:
>
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/gnupg-1.2.3-2.i386.rpm
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/httpd-2.0.51-1.4.legacy.i386.rpm
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/openssl-0.9.7a-33.10.i386.rpm
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/php-4.3.8-1.1.i386.rpm
>
> You didn't even made it in the time when Redhat provided security
> updates to keep your FC1 up2date. Think about it.
Something is wrong in rkhunter:
rpm -q gnupg
gnupg-1.2.3-2
rpm -q httpd
le paquetage httpd n'est pas installé
rpm -q openssl
openssl-0.9.7a-33.10
rpm -q php
le paquetage php n'est pas installé
rpm -q openssh
openssh-3.6.1p2-19
who knows!
--
François Patte
Ecole française d'Extrême-Orient - Pune - Inde
Université René Descartes - Paris 5
UFR de mathématiques et informatique
http://www.math-info.univ-paris5.fr/~patte
More information about the fedora-list
mailing list