Re: [suse-security] PHP 4.3.4 vulnerable in rkhunter

From: ReymanX To: SuSE Security List Date: Saturday, March 12, 2005, 6:47:52 AM Subject: [suse-security] PHP 4.3.4 vulnerable in rkhunter Saturday, March 12, 2005, 6:47:52 AM, you wrote:

Hi all,

I just install rkhunter in my system, and when I ran it, it shows that php-4.3.4 in my system is seems to be vulnerable. But when I do yast online update, there' no available update for php. Here's part of my php*rpm in rpm -qa | grep php.

php4-4.3.4-43.22 php4-mysql-4.3.4-43.22 php4-gd-4.3.4-26 php4-mcrypt-4.3.4-26 php4-pear-4.3.4-26

regards,

-- Arie Reynaldi Zanahar reymanx at gmail.com http://www.reynaldi.or.id

Probably, rkhunter doesn't know if you have already patched a vulnerable release.