Software version incorrectly detected

henkies · February 2, 2019, 11:02am

Hi all,

my two latest scan I’ve used SSH credentials on 2 fully updated Debian 9 server and although they succeed, the results are not correct in my opinion.

Server 1 reports this high security risk:
Result: Debian Security Advisory DSA 4346-1 (ghostscript - security update)
https://www.debian.org/security/2018/dsa-4346.html

But this server is 100% up to date and has the latest Ghostscript version that solved this problem:
GPL Ghostscript 9.26 (2018-11-20)

Server 2 reports this high security risk:
Result: Debian Security Advisory DSA 4308-1 (linux - security update)
https://www.debian.org/security/2018/dsa-4308.html

But again this server is also 100% up to date and has the latest Debian kernel version possible:
Debian 4.9.130-2 (2018-10-27)

How can I prevent these false reports? Many thanks in advance.

cfi · February 4, 2019, 7:44am

Thanks for your report.

This should be already resolved since a few days. Please update your feed to a recent one and try again.

The most common reason for this is that you have some older kernel packages left behind. The report should include the vulnerable package and the detected version which should help you to identify the packages to see if you need to remove some older ones.

henkies · February 4, 2019, 7:51am

Thanks for the answer!

I believe my feed is up-to-date but I will surely try again. Maybe I’m running the incorrect command? Which command(s) should I run exactly to update?

I’ll look into the older kernels.

cfi · February 4, 2019, 8:49am

The update to the DSA 4346-1 was done on 31/01/2019 to correct the seen behavior. I’m not sure how often and at which time the update of the GCF/GSF feeds are done so it might be possible that it didn’t arrived in the feed at the time of your scan.

cfi · February 4, 2019, 10:15am

A post was split to a new topic: How to update/keep the feed up to date?