Hey,
I currently work on a project to scan a network and find vulnerabilities which has to be on FreeBSD. So, as a first step, I installed packages of openvas9 and scanned the network by using web interface. There is also a server on ubuntu to see what openvas will find.
On the report, there is a vulnerability called “Report outdated / end-of-life Scan Engine / Environment (local)” which makes me think the system isn’t working quite well since server has apache2 and open port 80 HTTP but couldn’t tell any of these as a vulnerability.
There is also a part on the report as:
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
I couldn’t update this gvm library, and I couldn’t even find this library to update in the list of packages. All conversations and videos are on Kali or etc.
I add a piece of the report, I hope someone can help me to solve the errors I mentioned in the upper text. Sorry if I wrote something unnecessary or irrelevant with this page, I am a student and quite new on this field.
Thank you
II Results per Host
Host 192.168.1.1
Scanning of this host started at:
Number of results: 2
Port Summary for Host 192.168.1.1
Service (Port) Threat Level
general/tcp High
general/tcp High
general/tcp High
general/tcp High
general/tcp High
Security Issues for Host 192.168.1.1
Issue
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
OID: 1.3.6.1.4.1.25623.1.0.108560
Threat: High (CVSS: 10.0)
Port: general/tcp
Summary:
This script checks and reports an outdated or end-of-life scan engine
for the following environments:
- Greenbone Source Edition (GSE)
- Greenbone Community Edition (GCE)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severit!
y is reported to make you aware
of a possible decreased scan coverage or missing detection of vulnerabilities !
on the target due to e.g.: - missing functionalities
- missing bugfixes
- incompatibilities within the feed.
Vulnerability Detection Result:
Installed GVM Libraries (gvm-libs) version: 9.0.1
Latest available GVM Libraries (gvm-libs) version: 10.0.2
Reference URL(s) for the latest available version: https://community.greenbone.n!
et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone!
.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
Solution:
Solution type: VendorFix
Update to the latest available stable release for your scan environment. Please !
check the
references for more information. If you’re using packages provided by your Lin!
ux distribution please contact the maintainer
of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missin!
g detection of vulnerabilities on the target you
can set a global override for this script as described in the linked manuals.
Vulnerability Detection Method:
Details:
Report outdated / end-of-life Scan Engine / Environment (local)
(OID: 1.3.6.1.4.1.25623.1.0.108560)
Version used: 2020-06-10T13:24:20+0000