Date: Thu, 24 Sep 2020 16:41:46 +0000 From: Brooks Davis <brooks@freebsd.org> To: "Yigithan Bilge (Student)" <yigithanbilge@sabanciuniv.edu> Cc: freebsd-pkg@freebsd.org Subject: Re: FreeBSD OpenVAS Configuration Message-ID: <20200924164146.GA64154@spindle.one-eyed-alien.net> In-Reply-To: <CAE1-y3b=JUmxbq75zKF2r1H6od-pqGpH8TjS3eu6%2BS4AwQyEow@mail.gmail.com> References: <CAE1-y3b=JUmxbq75zKF2r1H6od-pqGpH8TjS3eu6%2BS4AwQyEow@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] It appears that OpenVAS is complaining about itself in a confusing and unhelpful way. According to the following page, GVM is new branding for OpenVAS. https://wiki.gentoo.org/wiki/Greenbone_Vulnerability_Management -- Brooks On Thu, Sep 24, 2020 at 01:42:41PM +0300, Yigithan Bilge (Student) wrote: > Hey, > > I currently work on a project to scan a network and find vulnerabilities > which has to be on FreeBSD. So, as a first step, I installed packages of > openvas9 and scanned the network by using the web interface. There is also > a server on ubuntu to see what openvas will find. > > On the report, there is a vulnerability called ???Report outdated / > end-of-life Scan Engine / Environment (local)??? which makes me think the > system isn???t working quite well since the server has apache2 and open port > 80 HTTP but couldn???t tell any of these as a vulnerability. > > There is also a part on the report as: > > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > > I couldn???t update this gvm library, and I couldn???t even find this library > to update in the list of packages. All conversations and videos are on Kali > or etc. I have got in touch with the greenbone community and got thia > reply *"Greenbone > is not in charge for your version of our software. Therefore you should > contact the provider of your packages (most likely your distribution) and > create a request for updated packages."* > > I also add the report, I hope someone can help me to solve the errors I > mentioned in the upper text. Sorry if I wrote something unnecessary or > irrelevant with this page, I am a student and quite new in this field. > > Thank you > I Summary > ========= > > This document reports on the results of an automatic security scan. > The report first summarises the results found. > Then, for each host, the report describes every issue found. > Please consider the advice given in each description, in order to rectify > the issue. > > All dates are displayed using the timezone "Coordinated Universal Time", > which is abbreviated "UTC". > > Vendor security updates are not trusted. > > Overrides are on. When a result has an override, this report uses the > threat of the override. > > Notes are included in the report.Information on overrides is included in the report. > > This report might not show details of all issues that were found. > It only lists hosts that produced issues. > Issues with the threat level "Log" are not shown. > Issues with the threat level "Debug" are not shown. > Issues with the threat level "False Positive" are not shown. > Only results with a minimum QoD of 70 are shown. > > This report contains all 12 results selected by the > filtering described above. Before filtering there were 293 results. > > Scan started: > Scan ended: > Task: Server Scanning - Apache2 > > Host Summary > ************ > > Host High Medium Low Log False Positive > 172.20.10.2 2 0 0 0 0 > 172.20.10.4 2 0 0 0 0 > 172.20.10.12 2 0 0 0 0 > 172.20.10.11 2 0 0 0 0 > 172.20.10.8 2 0 0 0 0 > 172.20.10.1 2 0 0 0 0 > Total: 6 12 0 0 0 0 > > > II Results per Host > =================== > > Host 172.20.10.2 > **************** > > Scanning of this host started at: > Number of results: 2 > > Port Summary for Host 172.20.10.2 > --------------------------------- > > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > > Security Issues for Host 172.20.10.2 > ------------------------------------ > > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabilities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. > > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.greenbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. Please ! > check the > references for more information. If you're using packages provided by your Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked manuals. > > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 > > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override > > > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 > > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > > Host 172.20.10.4 > **************** > > Scanning of this host started at: > Number of results: 2 > > Port Summary for Host 172.20.10.4 > --------------------------------- > > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > > Security Issues for Host 172.20.10.4 > ------------------------------------ > > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabilities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. > > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.greenbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. Please ! > check the > references for more information. If you're using packages provided by your Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked manuals. > > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 > > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override > > > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 > > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > > Host 172.20.10.12 > ***************** > > Scanning of this host started at: > Number of results: 2 > > Port Summary for Host 172.20.10.12 > ---------------------------------- > > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > > Security Issues for Host 172.20.10.12 > ------------------------------------- > > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabilities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. > > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.greenbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. Please ! > check the > references for more information. If you're using packages provided by your Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked manuals. > > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 > > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override > > > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 > > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > > Host 172.20.10.11 > ***************** > > Scanning of this host started at: > Number of results: 2 > > Port Summary for Host 172.20.10.11 > ---------------------------------- > > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > > Security Issues for Host 172.20.10.11 > ------------------------------------- > > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabilities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. > > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.greenbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. Please ! > check the > references for more information. If you're using packages provided by your Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked manuals. > > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 > > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override > > > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 > > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > > Host 172.20.10.8 > **************** > > Scanning of this host started at: > Number of results: 2 > > Port Summary for Host 172.20.10.8 > --------------------------------- > > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > > Security Issues for Host 172.20.10.8 > ------------------------------------ > > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabilities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. > > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.greenbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. Please ! > check the > references for more information. If you're using packages provided by your Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked manuals. > > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 > > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override > > > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 > > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > > Host 172.20.10.1 > **************** > > Scanning of this host started at: > Number of results: 2 > > Port Summary for Host 172.20.10.1 > --------------------------------- > > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > > Security Issues for Host 172.20.10.1 > ------------------------------------ > > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabilities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. > > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.greenbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. Please ! > check the > references for more information. If you're using packages provided by your Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked manuals. > > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 > > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an-override > > > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp > > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since September ! > 1st 2020. Your setup of Greenbone Source Edition will not report about any new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of the Green! > bone Community Feed. The Greenbone Community Feed is still available via a new d! > ownload server. The discontinuation announcement was posted on May 13th at the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product which a! > lso provides you the full scan coverage via Greenbone Security Feed (see PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Community Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the attack su! > rface of your corporate IT infrastructure. Our enterprise products close blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand that we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to understand you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You may have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 > > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 > > > _______________________________________________ > freebsd-pkg@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-pkg > To unsubscribe, send any mail to "freebsd-pkg-unsubscribe@freebsd.org" [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iQEbBAEBAgAGBQJfbMxJAAoJEKzQXbSebgfA5ZkH9ArLPOPEvCPjiVdcDHGBDXu4 PrNbORcuHkLV1HjGBxQMO+5BiNU8Kqnw9mWXYgLtTRK8aHrRKnQPeetCc/TjnZJD Z85ouCsUE+KCm8I65GVokUH3bue69encP+8q/QhP3+0+lLwovNGYMH8EnOpbOBrK mMrbrlSBXUhLfl5LwgKvx/cCOQ1tGeRukPYRTzoyG+zUOXtrBl6qSjE9/TNTm2cs 7P6W6j79Nl2TUOOXVTQYkpcFZbDp8NS5sw156RPJluDs+V9YLLdI0iJD7d8IuH+P eq/GmU9EI6Dyxw79eP/EZ37Vv948Mxe4YtLQgz8u2VgjHQRRskQdFzc7vUYd2w== =r/II -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200924164146.GA64154>