runcmd:
# Get the Greenbone CE docker-compose file and scripts
- curl -f -L https://raw.githubusercontent.com/greenbone/docs/v23.6.1/src/_static/docker-compose-22.4.yml -o /home/greenbone/docker-compose.yml
- mkdir -p /home/greenbone/scripts /home/greenbone/reports
- mv /var/lib/cloud/duffel-data/* /home/greenbone/scripts
- chown -R greenbone:greenbone /home/greenbone/scripts
- chown -R greenbone:greenbone /home/greenbone/reports
- chmod -R 775 /home/greenbone/reports # Allow writing of reports from the mounted docker volume
# Pull the Greenbone images and start Greenbone
- runuser -u greenbone -- docker-compose -f /home/greenbone/docker-compose.yml -p greenbone-community-edition pull
- runuser -u greenbone -- docker-compose -f /home/greenbone/docker-compose.yml -p greenbone-community-edition up -d
I provisioned some new instances and ran some successful scans with this setup yesterday.
A newly provisioned instance today (using the same cloud-init script) has started reporting:
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
Version of installed component: 22.4.1 (Installed component: openvas-libraries on OpenVAS <= 9, openvas-scanner on Greenbone Community Edition >= 10)
Latest available openvas-scanner version: 22.7.2
Reference URL(s) for the latest available version: Greenbone Community Edition 22.4 (stable, initial release 2022-07-25)
I’ve deleted and recreated the instance a few times, to ensure it is freshly provisioned. I’ve also run through Updating the Greenbone Community Containers and Performing a Feed Synchronization, neither of which had any effect.
Here are the images I have:
REPOSITORY TAG IMAGE ID CREATED SIZE
greenbone/notus-data latest eaa275e9f27c 10 hours ago 322MB
greenbone/vulnerability-tests latest 2de34abe277d 12 hours ago 868MB
greenbone/scap-data latest c55ef5616cff 13 hours ago 1.6GB
greenbone/data-objects latest 0f5311977866 13 hours ago 16.4MB
greenbone/report-formats latest e4daf0ca7687 13 hours ago 4.91MB
greenbone/dfn-cert-data latest 6751e2b3a66e 14 hours ago 42.5MB
greenbone/cert-bund-data latest 81d16a58f786 14 hours ago 71.7MB
greenbone/gvm-tools latest 4c89aa885cea 30 hours ago 191MB
greenbone/gpg-data latest 472c7950a73d 2 days ago 4.27MB
greenbone/redis-server latest b96ecb2c88b1 2 days ago 107MB
greenbone/mqtt-broker latest 0abe39497634 2 days ago 104MB
greenbone/gsa stable 2d454742460a 4 days ago 155MB
greenbone/gvmd stable d49a640a8fdf 8 days ago 587MB
greenbone/pg-gvm stable 1056fc518b45 2 weeks ago 476MB
greenbone/ospd-openvas stable 604bb308c5d7 8 weeks ago 561MB
greenbone/notus-scanner stable 59ec67ddc438 3 months ago 313MB
Is this a mismatch between the vulnerability definition and the released image that’s available?
Created an account just to say i’m having the same issue.
Newly re-created docker compose container stack, same errors/warnings.
It’s weird, i’ve run these containers, auto updating every week for a few months, and have had no issues, but the last 2 weeks, i’ve had some issues. Requiring destroying volumes to get itt o work, and now this. Weird.
Warning in report is:
Version of installed component: 22.4.1 (Installed component: openvas-libraries on OpenVAS <= 9, openvas-scanner on Greenbone Community Edition >= 10)
Latest available openvas-scanner version: 22.7.2
Reference URL(s) for the latest available version: Greenbone Community Edition 22.4 (stable, initial release 2022-07-25)
Update to the latest available stable release for your scan environment. Please check the references for more information. If you’re using packages provided by your Linux distribution please contact the maintainer of the used distribution / repository and request updated packages. If you want to accept the risk of a possible decreased scan coverage or missing detection of vulnerabilities on the target you can set a global override for this script as described in the linked GSM manual.
would be nice if you can post the feed versions from the Administration → Feed Status page and paste the digest of the vulnerabilities-tests container image via docker image inspect greenbone/vulnerability-tests:latest --format "{{ index .RepoDigests 0 }}". Currently I can’t find an image with the 2de34abe277d digest.
I don’t have web UI access so I’m controlling greenbone via python-gvm.
Side note: The instance is in Google, and is accessible by IAP SSH. The reason I don’t have web UI access is that I can’t use IAP TCP Forwarding becuase I can’t get past the login page, I think due to this.
I hope this is what you’re looking for?
>>> from gvm.xml import pretty_print
>>> pretty_print(gmp.get_feeds())
<get_feeds_response status="200" status_text="OK">
<feed>
<type>NVT</type>
<name>Greenbone Community Feed</name>
<version>202307040551</version>
<description>This script synchronizes an NVT collection with the 'Greenbone Community Feed'.
The 'Greenbone Community Feed' is provided by 'Greenbone AG'.
Online information about this feed: 'https://www.greenbone.net/en/feed-comparison/'.
</description>
</feed>
<feed>
<type>SCAP</type>
<name>Greenbone SCAP Data Feed</name>
<version>202307040513</version>
<description>Provided via feed-automation</description>
</feed>
<feed>
<type>CERT</type>
<name>Greenbone CERT Data Feed</name>
<version>202307040407</version>
<description>Provided via feed-automation</description>
</feed>
<feed>
<type>GVMD_DATA</type>
<name>Greenbone Data Objects Feed</name>
<version>202307040505</version>
<description>Provided via feed-automation</description>
</feed>
</get_feeds_response>
Yes I believe so, the scan completes successfully otherwise, with no errors, and I can produce the PDF report which contains other findings.
This is a finding in the produced report, here’s the relevant <result> from the report.
<result id="74554f53-76d3-4b63-827b-923a09920426">
<name>Report outdated / end-of-life Scan Engine / Environment (local)</name>
<owner>
<name>admin</name>
</owner>
<modification_time>2023-07-04T17:16:01Z</modification_time>
<comment />
<creation_time>2023-07-04T17:16:01Z</creation_time>
<host>REDACTED<asset asset_id="6c409bef-ecff-4c59-8a03-b1b0e501c5fe" />
<hostname>REDACTED</hostname></host>
<port>general/tcp</port>
<nvt oid="1.3.6.1.4.1.25623.1.0.108560">
<type>nvt</type>
<name>Report outdated / end-of-life Scan Engine / Environment (local)</name>
<family>General</family>
<cvss_base>10.0</cvss_base>
<severities score="10.0">
<severity type="cvss_base_v2">
<origin />
<date>2019-03-16T07:57:17Z</date>
<score>10.0</score>
<value>AV:N/AC:L/Au:N/C:C/I:C/A:C</value>
</severity>
</severities>
<tags>cvss_base_vector=AV:N/AC:L/Au:N/C:C/I:C/A:C|summary=This script checks and reports an
outdated or end-of-life scan
engine for the following environments:
- Greenbone Community Edition
- Greenbone Enterprise TRIAL (formerly Greenbone Security Manager TRIAL / Greenbone Community
Edition VM)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severity is reported to
make you aware of a possible decreased scan coverage or missing detection of vulnerabilities
on
the target due to e.g.:
- missing functionalities
- missing bugfixes
- incompatibilities within the feed|insight=|affected=|impact=|solution=Update to the latest
available stable release for your scan
environment. Please check the references for more information. If you're using packages
provided
by your Linux distribution please contact the maintainer of the used distribution / repository
and
request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missing detection of
vulnerabilities on the target you can set a global override for this script as described in
the
linked GSM manual.|vuldetect=|solution_type=VendorFix</tags>
<solution type="VendorFix">Update to the latest available stable release for your scan
environment. Please check the references for more information. If you're using packages
provided
by your Linux distribution please contact the maintainer of the used distribution / repository
and
request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missing detection of
vulnerabilities on the target you can set a global override for this script as described in
the
linked GSM manual.</solution>
<refs>
<ref type="url" id="https://www.greenbone.net/en/testnow/" />
<ref type="url"
id="https://forum.greenbone.net/t/greenbone-community-edition-22-4-stable-initial-release-2022-07-25/12638" />
<ref type="url"
id="https://forum.greenbone.net/t/greenbone-community-edition-21-04-end-of-life/13837" />
<ref type="url"
id="https://forum.greenbone.net/t/gvm-21-04-end-of-life-initial-release-2021-04-16/8942" />
<ref type="url"
id="https://forum.greenbone.net/t/gvm-20-08-end-of-life-initial-release-2020-08-12/6312" />
<ref type="url"
id="https://forum.greenbone.net/t/gvm-11-end-of-life-initial-release-2019-10-14/3674" />
<ref type="url"
id="https://forum.greenbone.net/t/gvm-10-end-of-life-initial-release-2019-04-05/208" />
<ref type="url"
id="https://forum.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211" />
<ref type="url"
id="https://docs.greenbone.net/GSM-Manual/gos-22.04/en/reports.html#creating-an-override" />
</refs>
</nvt>
<scan_nvt_version>2023-07-04T05:05:35Z</scan_nvt_version>
<threat>High</threat>
<severity>10.0</severity>
<qod>
<value>97</value>
<type />
</qod>
<description>
Version of installed component: 22.4.1 (Installed component: openvas-libraries on
OpenVAS <= 9, openvas-scanner on Greenbone Community Edition >= 10)
Latest available openvas-scanner version: 22.7.2
Reference URL(s) for the latest available version:
https://forum.greenbone.net/t/greenbone-community-edition-22-4-stable-initial-release-2022-07-25/12638
</description>
<original_threat>High</original_threat>
<original_severity>10</original_severity>
</result>
here is the feed status page: (Sorry for the formatting)
Also to note, i really only see the error when doing a compare with a previous scan.
The only reason i did this was because i noticed that the number of CVEs detected had increased, but when viewing the report on it’s own, it didn’t show. So comparing to another report, it did show them as new detentions. It was weird.
Containers are updated weekly, i even updated right before the scan.
Type
Content
Origin
Version
Status
NVT
NVTs
Greenbone Community Feed
20230704T0551
2 days old
SCAP
CVEs
CPEs
Greenbone SCAP Data Feed
20230704T0513
2 days old
CERT
CERT-Bund Advisories
DFN-CERT Advisories
Greenbone CERT Data Feed
20230704T0407
2 days old
GVMD_DATA
Compliance Policies
Port Lists
Report Formats
Scan Configs
Greenbone Data Objects Feed
20230704T0505
2 days old
Same issue here. Installed community containers following the description.
The message shows up for IP addresses that are not in use - so really not assigned to any device. I use the “Consider Alive” setting.
Scanning of existing IPs works fine - issues are reported.
Version of installed component: 22.4.1 (Installed component: openvas-libraries on OpenVAS <= 9, openvas-scanner on Greenbone Community Edition >= 10)
Latest available openvas-scanner version: 22.7.2
Reference URL(s) for the latest available version: https://forum.greenbone.net/t/greenbone-community-edition-22-4-stable-initial-release-2022-07-25/12638
There a temporary fix way to modify the docker-compose.yml file to pull from a previous version or tag rather than the image: greenbone/<service-name>:stable for each service? This would allows building of the docker containers to revert to the previous version that is functional.
Hi everyone, same issue here with a fresh new install of Greenbone Community Containers.
As zrcadlo7 noticed, I also think the problem is in the latest/stable container image of ospd-openvas (v22.5.1 May 8, 2023). This image has the old OpenVAS 22.4.1~dev1 inside it.
This issue should be fixed for the Greenbone Community Containers already. The ospd-openvas 22.5.3 release is used now and it’s image is coming with the newest openvas-scanner version.
Is there a minimum version of gvmd that we should be using to match ospd-openvas 22.5.3?
I’m getting some ‘Erroneous scan progress value’ and ‘scan interrupted’ errors popping up when using gvmd 22.5.1
I updated the openvas-scanner image to 22.5.3 and the problem is solved now. Thank you for the fix!
I updated the openvas-scanner image with the following steps
(1) stopped the container
(2) deleted the container
(3) deleted/pruned the image
(4) recreated the image/container with:
To update image i modified the docker-compose-22.4.yml and removed everything expect the block for openvas-scanner. Then i started docker-compose -f ~/greenbone-community-container/docker-compose-22.4-openvas.yml -p greenbone-community-edition up -d
This worked but may not be the best way to do the update
Still seeing alerts using “stable” clean install including gvmd 25.5.5. This looks like an SCM problem.
Detection Result
Version of installed component: 22.7.2 (Installed component: openvas-libraries on OpenVAS <= 9, openvas-scanner on Greenbone Community Edition >= 10)
Latest available openvas-scanner version: 22.7.3
Reference URL(s) for the latest available version: Greenbone Community Edition 22.4 (stable, initial release 2022-07-25)
Update to the latest available stable release for your scan environment. Please check the references for more information. If you’re using packages provided by your Linux distribution please contact the maintainer of the used distribution / repository and request updated packages. If you want to accept the risk of a possible decreased scan coverage or missing detection of vulnerabilities on the target you can set a global override for this script as described in the linked GSM manual.
