 www.centos.org Forum Index CentOS 6 - Security Support  Workstations remotely vulnerable, servers exposed to DOS attacks
|
 Bottom  Previous Topic  Next Topic |
|
|
|
|---|
Topic options
Flat
Newest First| Poster | Thread |
|---|
|
Workstations remotely vulnerable, servers exposed to DOS attacks | #1 |
|
|---|---|---|---|
|
Jr Board Member
 
Joined: 2011/3/29
From Slovenia
Posts: 43
|
I don't see any special warnings on the CentOS web page or in the forum so I thought I'd post this here for the sake of the less experienced users.
I hope everybody is aware that CentOS 6.0 is not receiving any security updates. The situation is ongoing ever since RHEL 6.1 came out, May 19, 2011. This ie. leaves all C6 workstations which use stock Firefox 3.6.x open to several remote vulnerabilities, leading to Firefox crash or arbitrary code execution. Upstream security advisory here, published 2011-06-21 and here, published 2011-08-16. And as of yestarday, all C6 servers running Apache aren't getting a crucial security fix. Latest Apache available in C6 is vulnerable to a DOS attack, an attack tool is circulating in the wild. Upstream security advisory here, published 2011-08-31. Just a head's up to everybody. In my opinion, CentOS 6.0 without custom updates should not be used in any kind of live environment at the moment. Act now if you haven't already. |
||
Posted on: 2011/9/1 20:59
  |
 |
||
lightdot
 Top Previous Topic Next Topic |
 |
|
You cannot start a new topic.