FreeBSD OpenVAS Configuration
Brooks Davis
brooks at freebsd.org
Thu Sep 24 16:41:53 UTC 2020
It appears that OpenVAS is complaining about itself in a confusing and
unhelpful way. According to the following page, GVM is new branding for
OpenVAS.
https://wiki.gentoo.org/wiki/Greenbone_Vulnerability_Management
-- Brooks
On Thu, Sep 24, 2020 at 01:42:41PM +0300, Yigithan Bilge (Student) wrote:
> Hey,
>
> I currently work on a project to scan a network and find vulnerabilities
> which has to be on FreeBSD. So, as a first step, I installed packages of
> openvas9 and scanned the network by using the web interface. There is also
> a server on ubuntu to see what openvas will find.
>
> On the report, there is a vulnerability called ???Report outdated /
> end-of-life Scan Engine / Environment (local)??? which makes me think the
> system isn???t working quite well since the server has apache2 and open port
> 80 HTTP but couldn???t tell any of these as a vulnerability.
>
> There is also a part on the report as:
>
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version: 9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
>
> I couldn???t update this gvm library, and I couldn???t even find this library
> to update in the list of packages. All conversations and videos are on Kali
> or etc. I have got in touch with the greenbone community and got thia
> reply *"Greenbone
> is not in charge for your version of our software. Therefore you should
> contact the provider of your packages (most likely your distribution) and
> create a request for updated packages."*
>
> I also add the report, I hope someone can help me to solve the errors I
> mentioned in the upper text. Sorry if I wrote something unnecessary or
> irrelevant with this page, I am a student and quite new in this field.
>
> Thank you
> I Summary
> =========
>
> This document reports on the results of an automatic security scan.
> The report first summarises the results found.
> Then, for each host, the report describes every issue found.
> Please consider the advice given in each description, in order to rectify
> the issue.
>
> All dates are displayed using the timezone "Coordinated Universal Time",
> which is abbreviated "UTC".
>
> Vendor security updates are not trusted.
>
> Overrides are on. When a result has an override, this report uses the
> threat of the override.
>
> Notes are included in the report.Information on overrides is included in the report.
>
> This report might not show details of all issues that were found.
> It only lists hosts that produced issues.
> Issues with the threat level "Log" are not shown.
> Issues with the threat level "Debug" are not shown.
> Issues with the threat level "False Positive" are not shown.
> Only results with a minimum QoD of 70 are shown.
>
> This report contains all 12 results selected by the
> filtering described above. Before filtering there were 293 results.
>
> Scan started:
> Scan ended:
> Task: Server Scanning - Apache2
>
> Host Summary
> ************
>
> Host High Medium Low Log False Positive
> 172.20.10.2 2 0 0 0 0
> 172.20.10.4 2 0 0 0 0
> 172.20.10.12 2 0 0 0 0
> 172.20.10.11 2 0 0 0 0
> 172.20.10.8 2 0 0 0 0
> 172.20.10.1 2 0 0 0 0
> Total: 6 12 0 0 0 0
>
>
> II Results per Host
> ===================
>
> Host 172.20.10.2
> ****************
>
> Scanning of this host started at:
> Number of results: 2
>
> Port Summary for Host 172.20.10.2
> ---------------------------------
>
> Service (Port) Threat Level
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
>
> Security Issues for Host 172.20.10.2
> ------------------------------------
>
> Issue
> -----
> NVT: Report outdated / end-of-life Scan Engine / Environment (local)
> OID: 1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
> for the following environments:
> - Greenbone Source Edition (GSE)
> - Greenbone Community Edition (GCE)
> used for this scan.
> NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
> of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
> - missing functionalities
> - missing bugfixes
> - incompatibilities within the feed.
>
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version: 9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
> references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
> of the used distribution / repository and request updated packages.
> If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
> can set a global override for this script as described in the linked manuals.
>
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
>
> References:
> Other:
> https://www.greenbone.net/en/install_use_gce/
> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
>
>
> Issue
> -----
> NVT: Important Announcement
> OID: 1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
>
> References:
> Other:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
>
> Host 172.20.10.4
> ****************
>
> Scanning of this host started at:
> Number of results: 2
>
> Port Summary for Host 172.20.10.4
> ---------------------------------
>
> Service (Port) Threat Level
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
>
> Security Issues for Host 172.20.10.4
> ------------------------------------
>
> Issue
> -----
> NVT: Report outdated / end-of-life Scan Engine / Environment (local)
> OID: 1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
> for the following environments:
> - Greenbone Source Edition (GSE)
> - Greenbone Community Edition (GCE)
> used for this scan.
> NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
> of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
> - missing functionalities
> - missing bugfixes
> - incompatibilities within the feed.
>
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version: 9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
> references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
> of the used distribution / repository and request updated packages.
> If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
> can set a global override for this script as described in the linked manuals.
>
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
>
> References:
> Other:
> https://www.greenbone.net/en/install_use_gce/
> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
>
>
> Issue
> -----
> NVT: Important Announcement
> OID: 1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
>
> References:
> Other:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
>
> Host 172.20.10.12
> *****************
>
> Scanning of this host started at:
> Number of results: 2
>
> Port Summary for Host 172.20.10.12
> ----------------------------------
>
> Service (Port) Threat Level
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
>
> Security Issues for Host 172.20.10.12
> -------------------------------------
>
> Issue
> -----
> NVT: Report outdated / end-of-life Scan Engine / Environment (local)
> OID: 1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
> for the following environments:
> - Greenbone Source Edition (GSE)
> - Greenbone Community Edition (GCE)
> used for this scan.
> NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
> of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
> - missing functionalities
> - missing bugfixes
> - incompatibilities within the feed.
>
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version: 9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
> references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
> of the used distribution / repository and request updated packages.
> If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
> can set a global override for this script as described in the linked manuals.
>
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
>
> References:
> Other:
> https://www.greenbone.net/en/install_use_gce/
> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
>
>
> Issue
> -----
> NVT: Important Announcement
> OID: 1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
>
> References:
> Other:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
>
> Host 172.20.10.11
> *****************
>
> Scanning of this host started at:
> Number of results: 2
>
> Port Summary for Host 172.20.10.11
> ----------------------------------
>
> Service (Port) Threat Level
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
>
> Security Issues for Host 172.20.10.11
> -------------------------------------
>
> Issue
> -----
> NVT: Report outdated / end-of-life Scan Engine / Environment (local)
> OID: 1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
> for the following environments:
> - Greenbone Source Edition (GSE)
> - Greenbone Community Edition (GCE)
> used for this scan.
> NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
> of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
> - missing functionalities
> - missing bugfixes
> - incompatibilities within the feed.
>
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version: 9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
> references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
> of the used distribution / repository and request updated packages.
> If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
> can set a global override for this script as described in the linked manuals.
>
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
>
> References:
> Other:
> https://www.greenbone.net/en/install_use_gce/
> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
>
>
> Issue
> -----
> NVT: Important Announcement
> OID: 1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
>
> References:
> Other:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
>
> Host 172.20.10.8
> ****************
>
> Scanning of this host started at:
> Number of results: 2
>
> Port Summary for Host 172.20.10.8
> ---------------------------------
>
> Service (Port) Threat Level
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
>
> Security Issues for Host 172.20.10.8
> ------------------------------------
>
> Issue
> -----
> NVT: Report outdated / end-of-life Scan Engine / Environment (local)
> OID: 1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
> for the following environments:
> - Greenbone Source Edition (GSE)
> - Greenbone Community Edition (GCE)
> used for this scan.
> NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
> of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
> - missing functionalities
> - missing bugfixes
> - incompatibilities within the feed.
>
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version: 9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
> references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
> of the used distribution / repository and request updated packages.
> If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
> can set a global override for this script as described in the linked manuals.
>
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
>
> References:
> Other:
> https://www.greenbone.net/en/install_use_gce/
> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
>
>
> Issue
> -----
> NVT: Important Announcement
> OID: 1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
>
> References:
> Other:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
>
> Host 172.20.10.1
> ****************
>
> Scanning of this host started at:
> Number of results: 2
>
> Port Summary for Host 172.20.10.1
> ---------------------------------
>
> Service (Port) Threat Level
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
> general/tcp High
>
> Security Issues for Host 172.20.10.1
> ------------------------------------
>
> Issue
> -----
> NVT: Report outdated / end-of-life Scan Engine / Environment (local)
> OID: 1.3.6.1.4.1.25623.1.0.108560
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> This script checks and reports an outdated or end-of-life scan engine
> for the following environments:
> - Greenbone Source Edition (GSE)
> - Greenbone Community Edition (GCE)
> used for this scan.
> NOTE: While this is not, in and of itself, a security vulnerability, a severit!
> y is reported to make you aware
> of a possible decreased scan coverage or missing detection of vulnerabilities !
> on the target due to e.g.:
> - missing functionalities
> - missing bugfixes
> - incompatibilities within the feed.
>
> Vulnerability Detection Result:
> Installed GVM Libraries (gvm-libs) version: 9.0.1
> Latest available GVM Libraries (gvm-libs) version: 10.0.2
> Reference URL(s) for the latest available version: https://community.greenbone.n!
> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208
>
> Solution:
> Solution type: VendorFix
> Update to the latest available stable release for your scan environment. Please !
> check the
> references for more information. If you're using packages provided by your Lin!
> ux distribution please contact the maintainer
> of the used distribution / repository and request updated packages.
> If you want to accept the risk of a possible decreased scan coverage or missin!
> g detection of vulnerabilities on the target you
> can set a global override for this script as described in the linked manuals.
>
> Vulnerability Detection Method:
> Details:
> Report outdated / end-of-life Scan Engine / Environment (local)
> (OID: 1.3.6.1.4.1.25623.1.0.108560)
> Version used: 2020-06-10T13:24:20+0000
>
> References:
> Other:
> https://www.greenbone.net/en/install_use_gce/
> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211
> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674
> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override
> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override
>
>
> Issue
> -----
> NVT: Important Announcement
> OID: 1.3.6.1.4.1.25623.1.0.999998
> Threat: High (CVSS: 10.0)
> Port: general/tcp
>
> Summary:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Result:
> ATTENTION:
> Your vulnerability tests are out of maintenance and not updated since September !
> 1st 2020. Your setup of Greenbone Source Edition will not report about any new t!
> hreats in your scanned environment since this date!
> REASON:
> Your Greenbone setup is connected to a discontinued download server of the Green!
> bone Community Feed. The Greenbone Community Feed is still available via a new d!
> ownload server. The discontinuation announcement was posted on May 13th at the G!
> reenbone Community Portal.
> SOLUTION:
> You can consider to upgrade your setup to a Greenbone enterprise product which a!
> lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS!
> IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee!
> d (see FREE COMMUNITY SOLUTION).
> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning)
> We are happy that our technology already today helps you to reduce the attack su!
> rface of your corporate IT infrastructure. Our enterprise products close blind s!
> pots of the community feed and give access to Greenbone service desk.
> Please contact
> upgrade at greenbone.net
> and provide the following details (use copy&paste). Please understand that we wi!
> ll not reply to you if you do not provide all the details.
> - Company name:
> - Company homepage:
> - Your name:
> - Your position in the company:
> - The number of IP addresses you are scanning with Greenbone (ca.):
> - The number of scanner instances you are using to scan:
> - Are you using a master-sensor configuration: yes/no
> Feel free to add any additional information you regard helpful to understand you!
> r setup.
> Our team will recommend to you a suitable commercial option. We are happy to dis!
> cuss larger setups in direct communication.
> You can inform yourself about our standard products here:
> https://www.greenbone.net/en/products-solutions/
> FREE COMMUNITY SOLUTION: Continue scanning with community feed
> The Greenbone Community Feed is still available and updated daily. You may have !
> just missed the technical notes and announcement here:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
> Vulnerability Detection Method:
> Details:
> Important Announcement
> (OID: 1.3.6.1.4.1.25623.1.0.999998)
> Version used: 2020-07-14T11:31:48+0000
>
> References:
> Other:
> https://community.greenbone.net/t/community-feed-url-consolidation/5338
>
>
> _______________________________________________
> freebsd-pkg at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-pkg
> To unsubscribe, send any mail to "freebsd-pkg-unsubscribe at freebsd.org"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-pkg/attachments/20200924/cb9fcb81/attachment.sig>
More information about the freebsd-pkg
mailing list