rkhunter

François Patte Francois.Patte at math-info.univ-paris5.fr
Fri Oct 15 18:48:35 UTC 2004


Selon Alexander Dalloz <alexander.dalloz at uni-bielefeld.de>:

> Am Fr, den 15.10.2004 schrieb François Patte um 19:46:
>
> > > > * Application version scan
> > > >    - GnuPG 1.2.3                                              [
> Vulnerable
> > > ]
> > > >    - Apache 2.0.47                                            [
> Vulnerable
> > > ]
> > > >    - OpenSSL 0.9.7a                                           [
> Vulnerable
> > > ]
> > > >    - PHP 4.3.3                                                [
> Vulnerable
> > > ]
> > > >    - OpenSSH 3.6.1p2                                          [
> Vulnerable
> > > ]
>
> >
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/gnupg-1.2.3-2.i386.rpm
> > >
> >
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/httpd-2.0.51-1.4.legacy.i386.rpm
> > >
> >
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/openssl-0.9.7a-33.10.i386.rpm
> > >
> >
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/updates/i386/php-4.3.8-1.1.i386.rpm
>
> > Something is wrong in rkhunter:
> >
> > rpm -q gnupg
> > gnupg-1.2.3-2
> >
> > rpm -q httpd
> > le paquetage httpd n'est pas installé
> >
> > rpm -q openssl
> > openssl-0.9.7a-33.10
> >
> > rpm -q php
> > le paquetage php n'est pas installé
> >
> > rpm -q openssh
> > openssh-3.6.1p2-19
>
> > François Patte
>
> Yes, that is indeed curious. You really checked the same system? How
> should rkhunter detect the initial Apache2 version of FC1
>
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/os/i386/httpd-2.0.47-10.i386.rpm
>
> if this package isn't even installed. Along with the the detected PHP
> version
>
>
http://mirrors.ircam.fr/pub/fedoralegacy/legacy/fedora/1/os/i386/php-4.3.3-6.i386.rpm
>

No, these package haven't been installed: it is a very minimal system only used
to be an interface beetween a private network and the internet!

--
François Patte

Ecole française d'Extrême-Orient - Pune - Inde
Université René Descartes - Paris 5
UFR de mathématiques et informatique
http://www.math-info.univ-paris5.fr/~patte




More information about the fedora-list mailing list