The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Rootkit Hunter & Cpanel (vulnerable versions of software)

Discussion in 'General Discussion' started by Angel78, Aug 24, 2004.

Thread Status:
Not open for further replies.
  1. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    16
    GnuPg 1.2.1,
    OpenSSL 0.9.7a
    ProFTPd 1.2.9
    OpenSSH 3.6.1p2


    are shown as vulnerable versions, when rkhunter 1.1.6 is run. Is this true or it's like different versioning system done by RHE 3.0 causes this?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Have a search on the forum, this has already been explained. Rkhunter is wrong in this regard as RH almost always backports security updates.
     
  3. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    16
    ok, thank you, I wasnt 100%. sure

    :)

    those red letters Vulnerable in SSH scared me :)
     
  4. speckados

    speckados Well-Known Member

    Joined:
    May 21, 2003
    Messages:
    291
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Acequias :: Granada :: España
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    A bad response.

    OpenSSL/0.9.7a IT?S NOT A SECURE VERSION

    On Cpanel it's easy send to administrators to:

    Configure Apache + PHP + SuEXEC.

    Bat that it's correct response.

    Vulneravilitie from OpenSSL/0.9.7a it's a Attack Denial Service it's currently used for crackers.

    It' very wrong that a major upgrade for OpenSSL it's not patched to easyapache.


    :mad: :mad: :mad: :mad: :mad: :mad: :mad: :mad: :mad:
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Nope, you are wrong. If you had done as I advised in my post you wouldn't have made this mistake.
     
  6. speckados

    speckados Well-Known Member

    Joined:
    May 21, 2003
    Messages:
    291
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Acequias :: Granada :: España
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Incorrect?

    Perphas my english it's bad.

    But I'm very angry.

    Too much problems with security on cpanel (35 machines), and all see: "It's you rproblem, it's apache and php not suexec , etc..."

    Problem it's a poor worry for security on Cpanel systems.

    OpenSSL it's wor ng version.

    That it's all folks!!!!
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    No, openssl is not the wrong version - you simply haven't bothered to investigate properly as I have already suggested to you.
     
Thread Status:
Not open for further replies.

Share This Page