After running vulnerability for one of our RHEL5 server we see the below vulnerabilities detected from the report.
The suggest solution for the version is to upgrade the open ssh package to 4.4 or latest version. But for the RHEl5.9 version we see only 4.3 version package is available in rhn respository.
Could you please let us know whether above CVE ID'are backported in openssh 4.3 current version.
[root@server ~]# rpm -qa | grep openssh
Red Hat Enterprise Linux 5.9
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.