Microsoft SQL Server End Of Life not detected

Hi, I’m scanning a Microsoft SQL Server 2014 12.00.5000.00 SP2, according to this page:, the version is end of life from Jan 14, 2020, but this is not reported (OpenVAS was able to detect the version).

OpenVAS also not detected vulns for this version.

The MS SQL detection report was:

Detected Microsoft SQL Server 2014 SP2

Version: 12.0.5000.0
Location: 1433/tcp
CPE: cpe:/a:microsoft:sql_server_2014:sp2:12.0.5000.0

This is the code from gb_ms_kb4019093_remote.nasl:

CPE = "cpe:/a:microsoft:sql_server_2014:sp2";


if(!port = get_app_port(cpe:CPE))

if(!vers = get_app_version(cpe:CPE, port:port))

if(version_in_range(version:vers, test_version:"12.0.5000.0", test_version2:"12.0.5206.0")) {
  report = report_fixed_ver(installed_version:vers, vulnerable_range:"12.0.5000.0 - 12.0.5206.0");
  security_message(port:port, data:report);

The get_app_version() function call above returns vers = sp212.0.5223.0, which is the wrong format to compare.

Hi everyone, any update about this?


Just a short site node, do you use the Greenbone Enterprise Feed ?

If so please open a support ticket, if not that Enterprise Products seems no longer be supported on the GCF.

1 Like

No. I’m using Community Feed, the plugins I mentioned above are included in the feed.

I’m just reporting the problem. I think that whether it is Enterprise Products or not, the error exists and still needs to be fixed.


Thanks for the report. The version compared needs indeed an adjustment for ServicePacks. I’ve raised an internal ticket to address this.

EoL detection will now and then be updated with a low priority. Nonetheless we will have a look at it as well.

Note: As mentioned by Lukas more recent checks for MS SQL Server are only available in the Greenbone Enterprise Feed. However we will of course update existing VTs already in the Community Feed. So thanks for reaching out to us!


A short follow up. The MS SQL VTs got a rework and the EoL checks got updated now. This will arrive in one of the next feed updates. Please let us know if there are any additional problems.