Atomicorp

Ok I got the following message from rkHunter and need some advice please:

Application advisories
* Application version scan
- GnuPG 1.2.1 [ Old or patched version ]
- Apache 2.0.46 [ Old or patched version ]
- Bind DNS 9.2.4 [ Unknown ]
- OpenSSL 0.9.7a [ Old or patched version ]
- ProFTPd 1.2.9 [ Old or patched version ]

RPM -qa Shows:

gnupg-(none)-1.2.1-10
openssl-(none)-0.9.7a-33.15
psa-proftpd-xinetd-(none)-1.2.9-rhel3.build71050228.12
psa-proftpd-(none)-1.2.9-rhel3.build71050228.12

I'm not finding Bind DNS using the rpm query or Apache.

So, could use some guidance please.

Thanks.

i believe apache rpm is called httpd

And bind DNS is called named

Here is the apache info, named did't come up.. ?!?

httpd-(none)-2.0.46-46.highfd.rhel3.art
redhat-config-httpd-5-1.1.0-4
httpd-(none)-2.0.46-46.2.ent.centos.1

bind should be called bind, heres what it looks like on mine:

[root@3es root]# rpm -qa |grep bind
bind-9.2.4-5_EL3
bind-utils-9.2.4-7_EL3
bind-9.2.4-7_EL3

Ok here is my bind list:

[root@gz root]# rpm -qa |grep bind
redhat-config-bind-(none)-2.0.0-14.2
bind-20-9.2.4-5_EL3
bind-libs-20-9.2.4-5_EL3
bind-libs-10-9.2.4-EL3_10
bind-10-9.2.4-EL3_10
ypbind-3-1.12-5
bind-utils-20-9.2.4-5_EL3
ypbind-3-1.12-5.21.1
redhat-config-bind-(none)-2.0.0-14.2.centos.0
bind-utils-10-9.2.4-EL3_10

So, with RK hunter flagging these programs what do I need to fix to ensure that they are secure? when I yum update "program" I get there are no updates for it, so should I assume I'm ok?

I'm pretty much running only art's channels for yum.

Thanks. This is helping educate me.

In this case Id say thats a false positive with rkhunter then, a lot of times red hat will backport fixes from newer versions of an app, and not change the version numbers.

Ok, with running RHE3, PSA 7.1.x, do I need all the bind apps?

Thanks for your assistance.