Update to the latest available stable release for your scan environment. Please check the references for more information. If you’re using packages provided by your Linux distribution please contact the maintainer of the used distribution / repository and request updated packages.
Of course the other scanning results were extremely poor -actually far less than the usual of the same IP.
Is it something I can do to fix this, or should I wait for a vendorfix?
Please contact the Kali Team to update the packaging, there is nothing WE can do here. If you are going with unsupported version they need to provide help to their users.
We only support only GCE and this version is actual and supported by this community.
I’m getting the same messages on both a Debian VM that only has OpenVas installed as well as a ParretOS Security Edition. I have ran updated them all to the latest using apt and am still getting this when I run scans. Any thoughts?
This scan result always means you are using an outdated version of our software which will likely contain issues already fixed in newer versions and the community feed may not be compatible anymore with this version. Greenbone is not in charge for your version of our software. Therefore you should contact the provider of your packages (most likely your distribution) and create a request for updated packages. How this request should be made really depends on the provider of the packages. If you don’t know how to do that you are always welcome to use our Greenbone Community Edition Virtual Machine.
OpenVAS is packaged in the pkg-security team in Debian (we are involved in that team). Some OpenVAS components changed a lot and are hard to package properly. We don’t have any ETA currently.
If you need more information you might need to contact the Kali Team and/or Debian team.
There is a reason why this warning is given. A outdated scan engine brings the risk of false negative and important security and bug fixes are missing.
Hi everyone,
To all those interested in the initial problem (Kali users): https://bugs.kali.org/view.php?id=5797 is now solved with the following comment:
“new package gvm version 11.0.1~kali6 is in kali-rolling.
it replaces openvas”
It appears that we are well on the way to solving the problem!
I did these changes as mentioned abouve. #expected_gce_ver = “6.0.7”;
expected_gce_ver = “5.1.3”; #expected_libs_ver1 = “10.0.2”;
expected_libs_ver1 = “9.0.3”; #expected_libs_ver2 = “11.0.1”;
expected_libs_ver2 = “9.0.3”;
I observed that the important announcement vulnerability is not coming for some of the reports (scanned machine) but in another report (scanned machine), I can still see the
“important announcement vulnerability”. Any workaround for these.
Hi I try the same as I use the APT packets from Mohammad Razavi in Launchpad.
Unfortunately, he has not built a new version yet.
But the change of the file does not bring the desired success when you use the Updater Cronjob greenbone-feed-sync --type GVMD_DATA run every day:
So I just attached to the Cronjob an SED and now that’s just a score of 2.0 sed -e 's/value:"10.0"/value:"2.0"/g' /var/lib/openvas/plugins/gb_outdated_scan_engine.nasl
That does not solve the update problem, but it does not let the reports do not look like the hell on earth