Rootkithunter on FC1/FC2

Wed Aug 18 21:14:06 UTC 2004

On Thu, 19 Aug 2004 07:01:54 +1000 (EST), Michael Mansour wrote:

> Hi,
> 
> I've recently installed RootkitHunter on my FC1/2
> machines and am concerned how it finds some vulnerable
> packages.
> 
> A standard run on FC1 produces:
> 
> * Application version scan
>    - GnuPG 1.2.3                                      
>        [ Vulnerable ]

>   - OpenSSH 3.6.1p2                                  
>       [ Vulnerable ]

-snip-

Most likely it just compares the software version numbers and doesn't take
into account any backported security fixes. Check the FC1/2 security
advisories or read the package changelogs (rpm -q --changelog ...).