Re: Vulnerability and Patch-Management in Linux (and other Unix)

Rainer, good day.

Thu, Jun 19, 2008 at 02:58:31PM +0200, Rainer Duffner wrote:
But what about CentOS? If you have an array of CentOS servers - how do you
track which vulnerabilities each one has?

Try Pakiti, http://pakiti.sourceforge.net/, it may be of some
interest to the users of RedHat-compatible systems and Ubuntu.
--
Eygene

Relevant Pages

  • [USN-30-1] Linux kernel vulnerabilities
    ... Ubuntu 4.10 ... several vulnerabilities were discovered ranging from out of bounds ... To exploit any of these vulnerabilities, an attacker needs control ... possible buffer overflows for arbitrary code execution in kernel ...
    (Bugtraq)
  • [USN-30-1] Linux kernel vulnerabilities
    ... Ubuntu 4.10 ... several vulnerabilities were discovered ranging from out of bounds ... To exploit any of these vulnerabilities, an attacker needs control ... possible buffer overflows for arbitrary code execution in kernel ...
    (Full-Disclosure)
  • [Full-Disclosure] [USN-30-1] Linux kernel vulnerabilities
    ... Ubuntu 4.10 ... several vulnerabilities were discovered ranging from out of bounds ... To exploit any of these vulnerabilities, an attacker needs control ... possible buffer overflows for arbitrary code execution in kernel ...
    (Full-Disclosure)
  • [Full-disclosure] [USN-288-2] PostgreSQL server/client vulnerabilities
    ... A security issue affects the following Ubuntu releases: ... Ubuntu 6.06 LTS ... USN-288-1 fixed two vulnerabilities in Ubuntu 5.04 and Ubuntu 5.10. ... invalidly-encoded multibyte text data. ...
    (Full-Disclosure)
  • [Full-disclosure] [USN-246-1] imagemagick vulnerabilities
    ... Ubuntu 4.10 ... The following packages are affected: ... file with a specially crafted file name, these two vulnerabilities ... powerpc architecture ...
    (Full-Disclosure)