Report outdated / end-of-life Scan Engine / Environment (local) in VM 6.0.7

Greenbone Professional Edition
1

Hello, this is my first post.
I just downloaded the virtual GCE appliance v. 6.0.7 (last available VM) and using the ISO in a VirtualBox envirnment.
The report highlights this issue: “NVT: Report outdated / end-of-life Scan Engine / Environment (local)”.

Summary
This script checks and reports an outdated or end-of-life scan engine for the following environ-
ments:

  • Greenbone Source Edition (GSE)
  • Greenbone Community Edition (GCE) used for this scan.
    NOTE: While this is not, in and of itself, a security vulnerability, a severity is reported to make
    you aware of a possible decreased scan coverage or missing detection of vulnerabilities on the
    target due to e.g.:
  • missing functionalities
  • missing bug fixes
  • incompatibilities within the feed.
    Vulnerability Detection Result
    Installed GVM Libraries (gvm-libs) version: 11.0.0
    Latest available GVM Libraries (gvm-libs) version: 11.0.1
    Reference URL(s) for the latest available version: GVM 11 (stable, initial release 2019-10-14)

Please note that I don’t use KALI or other Linux distributions, but the original ISO from Greenbone. How can I solve this issue? I cannot get any “root” shell to upgrade the GVM libraries as suggested.
Thank you.

2

Can you please check if the file /etc/openvas/openvas.conf contains the following string:

vendor_version = Greenbone OS 6.0.7

This helps to decide if this is a problem in the GCE not setting this string correctly or a problem of the scanner not extracting this version correctly.

3

The /etc/openvas/openvas.conf is empty (0 bytes).
I have no way to change this value because I cannot “sudo” the user and the file is readonly for non-root users.
How can I change this?

4

So this might be a problem in the GCE then because the file should contain various lines including the vendor_version = Greenbone OS 6.0.7.

You can’t and shouldn’t modify this file manually. I guess something went wrong during the installation, a fresh installation could fix that.

4 Likes
5

The problem is that this is a fresh installation directly from the iso file!

6

You could check the following log file if a task called " Generate openvas config has shown some error:

/var/log/gos-ansible.log

Some internal tests have been already conducted with multiple GCE 6.0.7 installations from the same ISO and it wasn’t reproducible yet but maybe this can give some hints why it failed for your installation.

But nevertheless from the above i got the info that the installation needs to be redone to fix this situation.

7

Finally, I deleted the VM and recreated it from scratch. Now the file is 172 byte long.
Thank you

1 Like