Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Rootkit Hunter & Cpanel (vulnerable versions of software)

Discussion in 'General Discussion' started by Angel78, Aug 24, 2004.

Thread Status:
Not open for further replies.
  1. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    318
    GnuPg 1.2.1,
    OpenSSL 0.9.7a
    ProFTPd 1.2.9
    OpenSSH 3.6.1p2


    are shown as vulnerable versions, when rkhunter 1.1.6 is run. Is this true or it's like different versioning system done by RHE 3.0 causes this?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Have a search on the forum, this has already been explained. Rkhunter is wrong in this regard as RH almost always backports security updates.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    318
    ok, thank you, I wasnt 100%. sure

    :)

    those red letters Vulnerable in SSH scared me :)
     
  4. speckados

    speckados Well-Known Member

    Joined:
    May 21, 2003
    Messages:
    320
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Pastrana :: Guadalajara :: España
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    A bad response.

    OpenSSL/0.9.7a IT?S NOT A SECURE VERSION

    On Cpanel it's easy send to administrators to:

    Configure Apache + PHP + SuEXEC.

    Bat that it's correct response.

    Vulneravilitie from OpenSSL/0.9.7a it's a Attack Denial Service it's currently used for crackers.

    It' very wrong that a major upgrade for OpenSSL it's not patched to easyapache.


    :mad: :mad: :mad: :mad: :mad: :mad: :mad: :mad: :mad:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Nope, you are wrong. If you had done as I advised in my post you wouldn't have made this mistake.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. speckados

    speckados Well-Known Member

    Joined:
    May 21, 2003
    Messages:
    320
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Pastrana :: Guadalajara :: España
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Incorrect?

    Perphas my english it's bad.

    But I'm very angry.

    Too much problems with security on cpanel (35 machines), and all see: "It's you rproblem, it's apache and php not suexec , etc..."

    Problem it's a poor worry for security on Cpanel systems.

    OpenSSL it's wor ng version.

    That it's all folks!!!!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    No, openssl is not the wrong version - you simply haven't bothered to investigate properly as I have already suggested to you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice