FreeBSD OpenVAS Configuration

Brooks Davis brooks at freebsd.org
Thu Sep 24 16:41:53 UTC 2020


It appears that OpenVAS is complaining about itself in a confusing and
unhelpful way.  According to the following page, GVM is new branding for
OpenVAS.

https://wiki.gentoo.org/wiki/Greenbone_Vulnerability_Management

-- Brooks

On Thu, Sep 24, 2020 at 01:42:41PM +0300, Yigithan Bilge (Student) wrote:
> Hey,
> 
> I currently work on a project to scan a network and find vulnerabilities
> which has to be on FreeBSD. So, as a first step, I installed packages of
> openvas9 and scanned the network by using the web interface. There is also
> a server on ubuntu to see what openvas will find.
> 
> On the report, there is a vulnerability called ???Report outdated /
> end-of-life Scan Engine / Environment (local)??? which makes me think the
> system isn???t working quite well since the server has apache2 and open port
> 80 HTTP but couldn???t tell any of these as a vulnerability.
> 
> There is also a part on the report as:
> 
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version: 9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> 
> I couldn???t update this gvm library, and I couldn???t even find this library
> to update in the list of packages. All conversations and videos are on Kali
> or etc. I have got in touch with the greenbone community and got thia
> reply *"Greenbone
> is not in charge for your version of our software. Therefore you should
> contact the provider of your packages (most likely your distribution) and
> create a request for updated packages."*
> 
> I also add the report, I hope someone can help me to solve the errors I
> mentioned in the upper text. Sorry if I wrote something unnecessary or
> irrelevant with this page, I am a student and quite new in this field.
> 
> Thank you

> I Summary
> =========
> 
> This document reports on the results of an automatic security scan.
> The report first summarises the results found.
> Then, for each host, the report describes every issue found.
> Please consider the advice given in each description, in order to rectify
> the issue.
> 
> All dates are displayed using the timezone "Coordinated Universal Time",
> which is abbreviated "UTC".
> 
> Vendor security updates are not trusted.
> 
> Overrides are on.  When a result has an override, this report uses the
> threat of the override.
> 
> Notes are included in the report.Information on overrides is included in the report.
> 
> This report might not show details of all issues that were found.
> It only lists hosts that produced issues.
> Issues with the threat level "Log" are not shown.
> Issues with the threat level "Debug" are not shown.
> Issues with the threat level "False Positive" are not shown.
> Only results with a minimum QoD of 70 are shown.
> 
> This report contains all 12 results selected by the
> filtering described above.  Before filtering there were 293 results.
> 
> Scan started: 
> Scan ended:   
> Task:         Server Scanning - Apache2
> 
> Host Summary
> ************
> 
> Host            High  Medium  Low  Log  False Positive
> 172.20.10.2        2       0    0    0               0
> 172.20.10.4        2       0    0    0               0
> 172.20.10.12       2       0    0    0               0
> 172.20.10.11       2       0    0    0               0
> 172.20.10.8        2       0    0    0               0
> 172.20.10.1        2       0    0    0               0
> Total: 6          12       0    0    0               0
> 
> 
> II Results per Host
> ===================
> 
> Host 172.20.10.2
> ****************
> 
> Scanning of this host started at: 
> Number of results: 2
> 
> Port Summary for Host 172.20.10.2
> ---------------------------------
> 
> Service (Port)          Threat Level
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> 
> Security Issues for Host 172.20.10.2
> ------------------------------------
> 
> Issue
> -----
> NVT:    Report outdated / end-of-life Scan Engine / Environment (local)
> OID:    1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
>   for the following environments:
>   - Greenbone Source Edition (GSE)
>   - Greenbone Community Edition (GCE)
>   used for this scan.
>   NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
>   of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
>   - missing functionalities
>   - missing bugfixes
>   - incompatibilities within the feed.
> 
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version:        9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> 
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
>   references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
>   of the used distribution / repository and request updated packages.
>   If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
>   can set a global override for this script as described in the linked manuals.
> 
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
> 
> References:
> Other:
>     https://www.greenbone.net/en/install_use_gce/
>     https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
>     https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>     https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
>     https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
> 
> 
> Issue
> -----
> NVT:    Important Announcement
> OID:    1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
> 
> References:
> Other:
>     https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> 
> Host 172.20.10.4
> ****************
> 
> Scanning of this host started at: 
> Number of results: 2
> 
> Port Summary for Host 172.20.10.4
> ---------------------------------
> 
> Service (Port)          Threat Level
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> 
> Security Issues for Host 172.20.10.4
> ------------------------------------
> 
> Issue
> -----
> NVT:    Report outdated / end-of-life Scan Engine / Environment (local)
> OID:    1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
>   for the following environments:
>   - Greenbone Source Edition (GSE)
>   - Greenbone Community Edition (GCE)
>   used for this scan.
>   NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
>   of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
>   - missing functionalities
>   - missing bugfixes
>   - incompatibilities within the feed.
> 
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version:        9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> 
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
>   references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
>   of the used distribution / repository and request updated packages.
>   If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
>   can set a global override for this script as described in the linked manuals.
> 
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
> 
> References:
> Other:
>     https://www.greenbone.net/en/install_use_gce/
>     https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
>     https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>     https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
>     https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
> 
> 
> Issue
> -----
> NVT:    Important Announcement
> OID:    1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
> 
> References:
> Other:
>     https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> 
> Host 172.20.10.12
> *****************
> 
> Scanning of this host started at: 
> Number of results: 2
> 
> Port Summary for Host 172.20.10.12
> ----------------------------------
> 
> Service (Port)          Threat Level
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> 
> Security Issues for Host 172.20.10.12
> -------------------------------------
> 
> Issue
> -----
> NVT:    Report outdated / end-of-life Scan Engine / Environment (local)
> OID:    1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
>   for the following environments:
>   - Greenbone Source Edition (GSE)
>   - Greenbone Community Edition (GCE)
>   used for this scan.
>   NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
>   of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
>   - missing functionalities
>   - missing bugfixes
>   - incompatibilities within the feed.
> 
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version:        9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> 
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
>   references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
>   of the used distribution / repository and request updated packages.
>   If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
>   can set a global override for this script as described in the linked manuals.
> 
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
> 
> References:
> Other:
>     https://www.greenbone.net/en/install_use_gce/
>     https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
>     https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>     https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
>     https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
> 
> 
> Issue
> -----
> NVT:    Important Announcement
> OID:    1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
> 
> References:
> Other:
>     https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> 
> Host 172.20.10.11
> *****************
> 
> Scanning of this host started at: 
> Number of results: 2
> 
> Port Summary for Host 172.20.10.11
> ----------------------------------
> 
> Service (Port)          Threat Level
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> 
> Security Issues for Host 172.20.10.11
> -------------------------------------
> 
> Issue
> -----
> NVT:    Report outdated / end-of-life Scan Engine / Environment (local)
> OID:    1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
>   for the following environments:
>   - Greenbone Source Edition (GSE)
>   - Greenbone Community Edition (GCE)
>   used for this scan.
>   NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
>   of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
>   - missing functionalities
>   - missing bugfixes
>   - incompatibilities within the feed.
> 
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version:        9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> 
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
>   references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
>   of the used distribution / repository and request updated packages.
>   If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
>   can set a global override for this script as described in the linked manuals.
> 
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
> 
> References:
> Other:
>     https://www.greenbone.net/en/install_use_gce/
>     https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
>     https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>     https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
>     https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
> 
> 
> Issue
> -----
> NVT:    Important Announcement
> OID:    1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
> 
> References:
> Other:
>     https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> 
> Host 172.20.10.8
> ****************
> 
> Scanning of this host started at: 
> Number of results: 2
> 
> Port Summary for Host 172.20.10.8
> ---------------------------------
> 
> Service (Port)          Threat Level
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> 
> Security Issues for Host 172.20.10.8
> ------------------------------------
> 
> Issue
> -----
> NVT:    Report outdated / end-of-life Scan Engine / Environment (local)
> OID:    1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
>   for the following environments:
>   - Greenbone Source Edition (GSE)
>   - Greenbone Community Edition (GCE)
>   used for this scan.
>   NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
>   of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
>   - missing functionalities
>   - missing bugfixes
>   - incompatibilities within the feed.
> 
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version:        9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> 
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
>   references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
>   of the used distribution / repository and request updated packages.
>   If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
>   can set a global override for this script as described in the linked manuals.
> 
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
> 
> References:
> Other:
>     https://www.greenbone.net/en/install_use_gce/
>     https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
>     https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>     https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
>     https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
> 
> 
> Issue
> -----
> NVT:    Important Announcement
> OID:    1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
> 
> References:
> Other:
>     https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> 
> Host 172.20.10.1
> ****************
> 
> Scanning of this host started at: 
> Number of results: 2
> 
> Port Summary for Host 172.20.10.1
> ---------------------------------
> 
> Service (Port)          Threat Level
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> general/tcp             High
> 
> Security Issues for Host 172.20.10.1
> ------------------------------------
> 
> Issue
> -----
> NVT:    Report outdated / end-of-life Scan Engine / Environment (local)
> OID:    1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
>   for the following environments:
>   - Greenbone Source Edition (GSE)
>   - Greenbone Community Edition (GCE)
>   used for this scan.
>   NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
>   of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
>   - missing functionalities
>   - missing bugfixes
>   - incompatibilities within the feed.
> 
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version:        9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> 
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
>   references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
>   of the used distribution / repository and request updated packages.
>   If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
>   can set a global override for this script as described in the linked manuals.
> 
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
> 
> References:
> Other:
>     https://www.greenbone.net/en/install_use_gce/
>     https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
>     https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>     https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
>     https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
>     https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
> 
> 
> Issue
> -----
> NVT:    Important Announcement
> OID:    1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port:   general/tcp
> 
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
>   - Company name:
>   - Company homepage:
>   - Your name:
>   - Your position in the company:
>   - The number of IP addresses you are scanning with Greenbone (ca.):
>   - The number of scanner instances you are using to scan:
>   - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
> 
> References:
> Other:
>     https://community.greenbone.net/t/community-feed-url-consolidation/5338
> 
> 

> _______________________________________________
> freebsd-pkg at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-pkg
> To unsubscribe, send any mail to "freebsd-pkg-unsubscribe at freebsd.org"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-pkg/attachments/20200924/cb9fcb81/attachment.sig>


More information about the freebsd-pkg mailing list