I am currently running a production server on an Ubuntu 7.10 server. I make sure that the server automatically updates all security related areas, and I periodically do manual aptitude safe-upgrades. However, I ran an automated N-Stalker pen-test, and got back several "critical" issues relating to old versions of apache2, php5, etc. Is this just an artifact of using the standard Ubuntu distributions of php5 and apache2, or are there real security threats if I am not on an LTS version such as 8.04?
Bookmarks