18 Dec
2012
18 Dec
'12
4:55 p.m.
Terry wrote:
Hello,
We are running CentOS 5.5 on a server that is not reporting any security updates:
<snip>
However, Nexpose, our vulnerability scanner detected otherwise. Upon digging deeper, I noticed that we are on a kernel version that has a known issue fixed in a later version:
[root@server01 ~]# rpm -q kernel kernel-2.6.18-194.el5 kernel-2.6.18-194.8.1.el5
<snip> As someone else just pointed out, current release is 5.8. For that matter, and I'm just pulling this vaguely out of my memory, .el5 with no sub-numbers suggests to me that this has *never* been updated since the install/update to the initial 5.5. This is *NOT* a good idea. There have been many security fixes since then.
mark