FreeBSD OpenVAS Configuration
Yigithan Bilge (Student)
yigithanbilge at sabanciuniv.edu
Thu Sep 24 10:42:32 UTC 2020
Hey,
I currently work on a project to scan a network and find vulnerabilities
which has to be on FreeBSD. So, as a first step, I installed packages of
openvas9 and scanned the network by using the web interface. There is also
a server on ubuntu to see what openvas will find.
On the report, there is a vulnerability called “Report outdated /
end-of-life Scan Engine / Environment (local)” which makes me think the
system isn’t working quite well since the server has apache2 and open port
80 HTTP but couldn’t tell any of these as a vulnerability.
There is also a part on the report as:
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
I couldn’t update this gvm library, and I couldn’t even find this library
to update in the list of packages. All conversations and videos are on Kali
or etc. I have got in touch with the greenbone community and got thia
reply *"Greenbone
is not in charge for your version of our software. Therefore you should
contact the provider of your packages (most likely your distribution) and
create a request for updated packages."*
I also add the report, I hope someone can help me to solve the errors I
mentioned in the upper text. Sorry if I wrote something unnecessary or
irrelevant with this page, I am a student and quite new in this field.
Thank you
-------------- next part --------------
I Summary
=========
This document reports on the results of an automatic security scan.
The report first summarises the results found.
Then, for each host, the report describes every issue found.
Please consider the advice given in each description, in order to rectify
the issue.
All dates are displayed using the timezone "Coordinated Universal Time",
which is abbreviated "UTC".
Vendor security updates are not trusted.
Overrides are on. When a result has an override, this report uses the
threat of the override.
Notes are included in the report.Information on overrides is included in the report.
This report might not show details of all issues that were found.
It only lists hosts that produced issues.
Issues with the threat level "Log" are not shown.
Issues with the threat level "Debug" are not shown.
Issues with the threat level "False Positive" are not shown.
Only results with a minimum QoD of 70 are shown.
This report contains all 12 results selected by the
filtering described above. Before filtering there were 293 results.
Scan started:
Scan ended:
Task: Server Scanning - Apache2
Host Summary
************
Host High Medium Low Log False Positive
172.20.10.2 2 0 0 0 0
172.20.10.4 2 0 0 0 0
172.20.10.12 2 0 0 0 0
172.20.10.11 2 0 0 0 0
172.20.10.8 2 0 0 0 0
172.20.10.1 2 0 0 0 0
Total: 6 12 0 0 0 0
II Results per Host
===================
Host 172.20.10.2
****************
Scanning of this host started at:
Number of results: 2
Port Summary for Host 172.20.10.2
---------------------------------
Service (Port) Threat Level
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
Security Issues for Host 172.20.10.2
------------------------------------
Issue
-----
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
OID: 1.3.6.1.4.1.25623.1.0.108560
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
This script checks and reports an outdated or end-of-life scan engine
for the following environments:
- Greenbone Source Edition (GSE)
- Greenbone Community Edition (GCE)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severit!
y is reported to make you aware
of a possible decreased scan coverage or missing detection of vulnerabilities !
on the target due to e.g.:
- missing functionalities
- missing bugfixes
- incompatibilities within the feed.
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
Reference URL(s) for the latest available version: https://community.greenbone.n!
et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
Solution:
Solution type: VendorFix
Update to the latest available stable release for your scan environment. Please !
check the
references for more information. If you're using packages provided by your Lin!
ux distribution please contact the maintainer
of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missin!
g detection of vulnerabilities on the target you
can set a global override for this script as described in the linked manuals.
Vulnerability Detection Method:
Details:
Report outdated / end-of-life Scan Engine / Environment (local)
(OID: 1.3.6.1.4.1.25623.1.0.108560)
Version used: 2020-06-10T13:24:20+0000
References:
Other:
https://www.greenbone.net/en/install_use_gce/
https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
Issue
-----
NVT: Important Announcement
OID: 1.3.6.1.4.1.25623.1.0.999998
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Result:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Method:
Details:
Important Announcement
(OID: 1.3.6.1.4.1.25623.1.0.999998)
Version used: 2020-07-14T11:31:48+0000
References:
Other:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Host 172.20.10.4
****************
Scanning of this host started at:
Number of results: 2
Port Summary for Host 172.20.10.4
---------------------------------
Service (Port) Threat Level
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
Security Issues for Host 172.20.10.4
------------------------------------
Issue
-----
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
OID: 1.3.6.1.4.1.25623.1.0.108560
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
This script checks and reports an outdated or end-of-life scan engine
for the following environments:
- Greenbone Source Edition (GSE)
- Greenbone Community Edition (GCE)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severit!
y is reported to make you aware
of a possible decreased scan coverage or missing detection of vulnerabilities !
on the target due to e.g.:
- missing functionalities
- missing bugfixes
- incompatibilities within the feed.
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
Reference URL(s) for the latest available version: https://community.greenbone.n!
et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
Solution:
Solution type: VendorFix
Update to the latest available stable release for your scan environment. Please !
check the
references for more information. If you're using packages provided by your Lin!
ux distribution please contact the maintainer
of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missin!
g detection of vulnerabilities on the target you
can set a global override for this script as described in the linked manuals.
Vulnerability Detection Method:
Details:
Report outdated / end-of-life Scan Engine / Environment (local)
(OID: 1.3.6.1.4.1.25623.1.0.108560)
Version used: 2020-06-10T13:24:20+0000
References:
Other:
https://www.greenbone.net/en/install_use_gce/
https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
Issue
-----
NVT: Important Announcement
OID: 1.3.6.1.4.1.25623.1.0.999998
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Result:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Method:
Details:
Important Announcement
(OID: 1.3.6.1.4.1.25623.1.0.999998)
Version used: 2020-07-14T11:31:48+0000
References:
Other:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Host 172.20.10.12
*****************
Scanning of this host started at:
Number of results: 2
Port Summary for Host 172.20.10.12
----------------------------------
Service (Port) Threat Level
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
Security Issues for Host 172.20.10.12
-------------------------------------
Issue
-----
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
OID: 1.3.6.1.4.1.25623.1.0.108560
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
This script checks and reports an outdated or end-of-life scan engine
for the following environments:
- Greenbone Source Edition (GSE)
- Greenbone Community Edition (GCE)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severit!
y is reported to make you aware
of a possible decreased scan coverage or missing detection of vulnerabilities !
on the target due to e.g.:
- missing functionalities
- missing bugfixes
- incompatibilities within the feed.
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
Reference URL(s) for the latest available version: https://community.greenbone.n!
et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
Solution:
Solution type: VendorFix
Update to the latest available stable release for your scan environment. Please !
check the
references for more information. If you're using packages provided by your Lin!
ux distribution please contact the maintainer
of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missin!
g detection of vulnerabilities on the target you
can set a global override for this script as described in the linked manuals.
Vulnerability Detection Method:
Details:
Report outdated / end-of-life Scan Engine / Environment (local)
(OID: 1.3.6.1.4.1.25623.1.0.108560)
Version used: 2020-06-10T13:24:20+0000
References:
Other:
https://www.greenbone.net/en/install_use_gce/
https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
Issue
-----
NVT: Important Announcement
OID: 1.3.6.1.4.1.25623.1.0.999998
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Result:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Method:
Details:
Important Announcement
(OID: 1.3.6.1.4.1.25623.1.0.999998)
Version used: 2020-07-14T11:31:48+0000
References:
Other:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Host 172.20.10.11
*****************
Scanning of this host started at:
Number of results: 2
Port Summary for Host 172.20.10.11
----------------------------------
Service (Port) Threat Level
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
Security Issues for Host 172.20.10.11
-------------------------------------
Issue
-----
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
OID: 1.3.6.1.4.1.25623.1.0.108560
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
This script checks and reports an outdated or end-of-life scan engine
for the following environments:
- Greenbone Source Edition (GSE)
- Greenbone Community Edition (GCE)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severit!
y is reported to make you aware
of a possible decreased scan coverage or missing detection of vulnerabilities !
on the target due to e.g.:
- missing functionalities
- missing bugfixes
- incompatibilities within the feed.
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
Reference URL(s) for the latest available version: https://community.greenbone.n!
et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
Solution:
Solution type: VendorFix
Update to the latest available stable release for your scan environment. Please !
check the
references for more information. If you're using packages provided by your Lin!
ux distribution please contact the maintainer
of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missin!
g detection of vulnerabilities on the target you
can set a global override for this script as described in the linked manuals.
Vulnerability Detection Method:
Details:
Report outdated / end-of-life Scan Engine / Environment (local)
(OID: 1.3.6.1.4.1.25623.1.0.108560)
Version used: 2020-06-10T13:24:20+0000
References:
Other:
https://www.greenbone.net/en/install_use_gce/
https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
Issue
-----
NVT: Important Announcement
OID: 1.3.6.1.4.1.25623.1.0.999998
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Result:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Method:
Details:
Important Announcement
(OID: 1.3.6.1.4.1.25623.1.0.999998)
Version used: 2020-07-14T11:31:48+0000
References:
Other:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Host 172.20.10.8
****************
Scanning of this host started at:
Number of results: 2
Port Summary for Host 172.20.10.8
---------------------------------
Service (Port) Threat Level
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
Security Issues for Host 172.20.10.8
------------------------------------
Issue
-----
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
OID: 1.3.6.1.4.1.25623.1.0.108560
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
This script checks and reports an outdated or end-of-life scan engine
for the following environments:
- Greenbone Source Edition (GSE)
- Greenbone Community Edition (GCE)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severit!
y is reported to make you aware
of a possible decreased scan coverage or missing detection of vulnerabilities !
on the target due to e.g.:
- missing functionalities
- missing bugfixes
- incompatibilities within the feed.
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
Reference URL(s) for the latest available version: https://community.greenbone.n!
et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
Solution:
Solution type: VendorFix
Update to the latest available stable release for your scan environment. Please !
check the
references for more information. If you're using packages provided by your Lin!
ux distribution please contact the maintainer
of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missin!
g detection of vulnerabilities on the target you
can set a global override for this script as described in the linked manuals.
Vulnerability Detection Method:
Details:
Report outdated / end-of-life Scan Engine / Environment (local)
(OID: 1.3.6.1.4.1.25623.1.0.108560)
Version used: 2020-06-10T13:24:20+0000
References:
Other:
https://www.greenbone.net/en/install_use_gce/
https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
Issue
-----
NVT: Important Announcement
OID: 1.3.6.1.4.1.25623.1.0.999998
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Result:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Method:
Details:
Important Announcement
(OID: 1.3.6.1.4.1.25623.1.0.999998)
Version used: 2020-07-14T11:31:48+0000
References:
Other:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Host 172.20.10.1
****************
Scanning of this host started at:
Number of results: 2
Port Summary for Host 172.20.10.1
---------------------------------
Service (Port) Threat Level
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
Security Issues for Host 172.20.10.1
------------------------------------
Issue
-----
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
OID: 1.3.6.1.4.1.25623.1.0.108560
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
This script checks and reports an outdated or end-of-life scan engine
for the following environments:
- Greenbone Source Edition (GSE)
- Greenbone Community Edition (GCE)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severit!
y is reported to make you aware
of a possible decreased scan coverage or missing detection of vulnerabilities !
on the target due to e.g.:
- missing functionalities
- missing bugfixes
- incompatibilities within the feed.
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
Reference URL(s) for the latest available version: https://community.greenbone.n!
et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
Solution:
Solution type: VendorFix
Update to the latest available stable release for your scan environment. Please !
check the
references for more information. If you're using packages provided by your Lin!
ux distribution please contact the maintainer
of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missin!
g detection of vulnerabilities on the target you
can set a global override for this script as described in the linked manuals.
Vulnerability Detection Method:
Details:
Report outdated / end-of-life Scan Engine / Environment (local)
(OID: 1.3.6.1.4.1.25623.1.0.108560)
Version used: 2020-06-10T13:24:20+0000
References:
Other:
https://www.greenbone.net/en/install_use_gce/
https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
Issue
-----
NVT: Important Announcement
OID: 1.3.6.1.4.1.25623.1.0.999998
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Result:
ATTENTION:
Your vulnerability tests are out of maintenance and not updated since September !
1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
hreats in your scanned environment since this date!
REASON:
Your Greenbone setup is connected to a discontinued download server of the Green!
bone Community Feed. The Greenbone Community Feed is still available via a new d!
ownload server. The discontinuation announcement was posted on May 13th at the G!
reenbone Community Portal.
SOLUTION:
You can consider to upgrade your setup to a Greenbone enterprise product which a!
lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
d (see FREE COMMUNITY SOLUTION).
PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
We are happy that our technology already today helps you to reduce the attack su!
rface of your corporate IT infrastructure. Our enterprise products close blind s!
pots of the community feed and give access to Greenbone service desk.
Please contact
upgrade at greenbone.net
and provide the following details (use copy&paste). Please understand that we wi!
ll not reply to you if you do not provide all the details.
- Company name:
- Company homepage:
- Your name:
- Your position in the company:
- The number of IP addresses you are scanning with Greenbone (ca.):
- The number of scanner instances you are using to scan:
- Are you using a master-sensor configuration: yes/no
Feel free to add any additional information you regard helpful to understand you!
r setup.
Our team will recommend to you a suitable commercial option. We are happy to dis!
cuss larger setups in direct communication.
You can inform yourself about our standard products here:
https://www.greenbone.net/en/products-solutions/
FREE COMMUNITY SOLUTION: Continue scanning with community feed
The Greenbone Community Feed is still available and updated daily. You may have !
just missed the technical notes and announcement here:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
Vulnerability Detection Method:
Details:
Important Announcement
(OID: 1.3.6.1.4.1.25623.1.0.999998)
Version used: 2020-07-14T11:31:48+0000
References:
Other:
https://community.greenbone.net/t/community-feed-url-consolidation/5338
More information about the freebsd-pkg
mailing list