Vulnerability Scanning & Backported Security Fixes
Overview
Virtually all network-based security auditing services (Hacker Safe, Control Scan, etc.) and some vulnerability scanning tools work by detecting the version numbers of the software running on your server. Those version numbers are then checked against a database of known security vulnerabilities.
(mt) Media Temple, like many other hosting providers, applies back-ported security fixes to all Linux-based operating systems within our network.
Unfortunately, most network vulnerability scanners are unable to identify systems that have been updated using back-ported security fixes, because the version numbers of the updated software do not change when back-ports are applied. In many cases, the only way to externally test whether a service is vulnerable to a specific exploit is to actually run the exploit against it. This is not recommended on production servers, as it can directly cause service crashes and other unwanted side-effects.
NOTE:
Please be aware that these tools will report inaccurate results when scanning (mt) Media Temple servers, as they would against any server running an Enterprise Linux distribution that uses back-ported security fixes to maintain its security and version integrity.
Resources
For more details on back-ported security fixes, please take the time to read Red Hat's official statement on this topic.
To view the Changelog of backports applied to your (dv) Dedicated-Virtual server, run the following command via SSH:
rpm -q --changelog RPMNAME | more
Replace RPMNAME with the name of the package (mysql, apache, etc.).
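As an added example (not part of the original article and not (mt) Media Temple's own tooling), the shell helper below reads the changelog produced by the command above and reports, for each CVE a scanner flagged, the package release whose changelog entry names it. The sample changelog, package versions and CVE ids are constructed placeholders, and the function names are hypothetical; it assumes each changelog header ends with version-release.

```shell
#!/bin/sh
# Added example: check an RPM changelog for back-ported CVE fixes.

# Constructed sample in `rpm -q --changelog` layout. Package version,
# maintainer and CVE ids are placeholders, not real advisories.
sample_changelog() {
cat <<'EOF'
* Tue Mar 04 2014 Example Maintainer <maint@example.com> - 1.2.3-4.el6_5.2
- add security fix for CVE-0000-0002

* Mon Jan 13 2014 Example Maintainer <maint@example.com> - 1.2.3-4.el6_5.1
- fix crash on empty config
- add security fixes for CVE-0000-0001, CVE-0000-0003

* Fri Nov 01 2013 Example Maintainer <maint@example.com> - 1.2.3-4
- rebase to 1.2.3
EOF
}

# cve_fixed_in CVE-ID < changelog
# Prints the oldest release whose entry names the CVE; exit 1 if none does.
# Assumes each "* date packager - version-release" header ends with the
# release (a packaging convention, not enforced by rpm).
cve_fixed_in() {
    awk -v cve="$1" '
        /^\* / { release = $NF }
        # Require a non-digit after the id so CVE-0000-0001 != CVE-0000-00011.
        toupper($0) ~ (toupper(cve) "([^0-9]|$)") { hit = release }
        END { if (hit == "") exit 1; print hit }
    '
}

# triage CVE-ID... < changelog
# One line per scanner finding. "not-in-changelog" means unconfirmed, not
# vulnerable: packagers do not always name the CVE in the entry.
triage() {
    log=$(cat)
    for cve in "$@"; do
        if rel=$(printf '%s\n' "$log" | cve_fixed_in "$cve"); then
            echo "$cve backported-in $rel"
        else
            echo "$cve not-in-changelog"
        fi
    done
}

# On a server: rpm -q --changelog RPMNAME | triage CVE-ID...
sample_changelog | triage CVE-0000-0001 CVE-0000-0009
```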