update OpenSSL 0.9.7e and OpenSSH 3.6.1?

bigboy

Verified User
Joined
Nov 25, 2005
Messages
231
Location
USA
I need update OpenSSL 0.9.7e and OpenSSH 3.6.1 on freeBSD 5.4 ? OpenSSL 0.9.7e and OpenSSH 3.6.1 Vulnerable
how to update package OpenSSL 0.9.7e and
OpenSSH 3.6.1 Please...

#rkhunter -c



* Application version scan
- Exim MTA 4.53 [ OK ]
- Apache 1.3.34 [ OK ]
- Bind DNS 9.3.1 [ OK ]
- OpenSSL 0.9.7e [ Vulnerable ]
- PHP 4.4.2 [ OK ]
- ProFTPd 1.2.10 [ OK ]
- OpenSSH 3.8.1p1 [ OK ]
- OpenSSH 3.6.1 [ Vulnerable]
 
portaudit does not recognize this OpenSSL vulnerability.

It recognizes a minor proftpd bug and a per-webmin-usermin bug :

Affected package: perl-5.8.6_2
Type of problem: perl, webmin, usermin -- perl format string integer wrap vulnerability.
Reference: <http://www.FreeBSD.org/ports/portaudit/bb33981a-7ac6-11da-bf72-00123f589060.html>

Affected package: proftpd-1.2.10
Type of problem: proftpd -- format string vulnerabilities.
Reference: <http://www.FreeBSD.org/ports/portaudit/c28f4705-043f-11da-bc08-0001020eed82.html>

2 problem(s) in your installed packages found.

You also seem to have 2 versions of OpenSSH in your list , what is the purpose of that ?
 
He probably installed the ssh port so the 2nd version will be the base version.
 
Back
Top