RE: Rkhunter : old or patched
Hi
I also use rkhunter and have noticed this. Before I upgraded to rkhunter
1.1.9 I used 1.1.8 and used to get a different message when it does an
application version scan, it used to moan and say that I have vuln
packages when I'm pretty sure I didn't as I ran security
updates/upgrades everyday and still do.
> * Application version scan
> - Bind DNS 8.3.3 [ Old or patched version ]
> - OpenSSL 0.9.6c [ Old or patched version ]
> - OpenSSH 3.4p1 [ Old or patched version ]
After I upgraded to rkhunter 1.1.9 and ran rkhunter --update I got these
messages too, I'm pretty sure its ok.
Cheers
Dave
-----Original Message-----
From: Jacques Lav!gnotte [mailto:jacques@pollux.frmug.org]
Sent: 25 January 2005 11:57 AM
To: debian-security@lists.debian.org
Subject: Rkhunter : old or patched
Hello,
On a 'stable' + security updated machine RkHunter says :
* Application version scan
- Bind DNS 8.3.3 [ Old or patched version ]
- OpenSSL 0.9.6c [ Old or patched version ]
- OpenSSH 3.4p1 [ Old or patched version ]
Does it means 'safe' or not ?
Thanks, Jacques
--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: