Rootkit Hunter & Cpanel (vulnerable versions of software)

Status
Not open for further replies.

Angel78

Well-Known Member
May 9, 2002
413
1
318
GnuPg 1.2.1,
OpenSSL 0.9.7a
ProFTPd 1.2.9
OpenSSH 3.6.1p2


are shown as vulnerable versions, when rkhunter 1.1.6 is run. Is this true or it's like different versioning system done by RHE 3.0 causes this?
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,466
31
473
Go on, have a guess
Have a search on the forum, this has already been explained. Rkhunter is wrong in this regard as RH almost always backports security updates.
 

Angel78

Well-Known Member
May 9, 2002
413
1
318
chirpy said:
Have a search on the forum, this has already been explained. Rkhunter is wrong in this regard as RH almost always backports security updates.
ok, thank you, I wasnt 100%. sure

:)

those red letters Vulnerable in SSH scared me :)
 

speckados

Well-Known Member
A bad response.

OpenSSL/0.9.7a IT?S NOT A SECURE VERSION

On Cpanel it's easy send to administrators to:

Configure Apache + PHP + SuEXEC.

Bat that it's correct response.

Vulneravilitie from OpenSSL/0.9.7a it's a Attack Denial Service it's currently used for crackers.

It' very wrong that a major upgrade for OpenSSL it's not patched to easyapache.


:mad: :mad: :mad: :mad: :mad: :mad: :mad: :mad: :mad:
 

speckados

Well-Known Member
Incorrect?

Perphas my english it's bad.

But I'm very angry.

Too much problems with security on cpanel (35 machines), and all see: "It's you rproblem, it's apache and php not suexec , etc..."

Problem it's a poor worry for security on Cpanel systems.

OpenSSL it's wor ng version.

That it's all folks!!!!
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,466
31
473
Go on, have a guess
No, openssl is not the wrong version - you simply haven't bothered to investigate properly as I have already suggested to you.
 
Status
Not open for further replies.