Date: Thu, 24 Sep 2020 16:41:46 +0000 From: Brooks Davis <brooks@freebsd.org> To: "Yigithan Bilge (Student)" <yigithanbilge@sabanciuniv.edu> Cc: freebsd-pkg@freebsd.org Subject: Re: FreeBSD OpenVAS Configuration Message-ID: <20200924164146.GA64154@spindle.one-eyed-alien.net> In-Reply-To: <CAE1-y3b=JUmxbq75zKF2r1H6od-pqGpH8TjS3eu6%2BS4AwQyEow@mail.gmail.com> References: <CAE1-y3b=JUmxbq75zKF2r1H6od-pqGpH8TjS3eu6%2BS4AwQyEow@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--DocE+STaALJfprDB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable It appears that OpenVAS is complaining about itself in a confusing and unhelpful way. According to the following page, GVM is new branding for OpenVAS. https://wiki.gentoo.org/wiki/Greenbone_Vulnerability_Management -- Brooks On Thu, Sep 24, 2020 at 01:42:41PM +0300, Yigithan Bilge (Student) wrote: > Hey, >=20 > I currently work on a project to scan a network and find vulnerabilities > which has to be on FreeBSD. So, as a first step, I installed packages of > openvas9 and scanned the network by using the web interface. There is also > a server on ubuntu to see what openvas will find. >=20 > On the report, there is a vulnerability called ???Report outdated / > end-of-life Scan Engine / Environment (local)??? which makes me think the > system isn???t working quite well since the server has apache2 and open p= ort > 80 HTTP but couldn???t tell any of these as a vulnerability. >=20 > There is also a part on the report as: >=20 > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 >=20 > I couldn???t update this gvm library, and I couldn???t even find this lib= rary > to update in the list of packages. All conversations and videos are on Ka= li > or etc. I have got in touch with the greenbone community and got thia > reply *"Greenbone > is not in charge for your version of our software. Therefore you should > contact the provider of your packages (most likely your distribution) and > create a request for updated packages."* >=20 > I also add the report, I hope someone can help me to solve the errors I > mentioned in the upper text. Sorry if I wrote something unnecessary or > irrelevant with this page, I am a student and quite new in this field. >=20 > Thank you > I Summary > =3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > This document reports on the results of an automatic security scan. > The report first summarises the results found. > Then, for each host, the report describes every issue found. > Please consider the advice given in each description, in order to rectify > the issue. >=20 > All dates are displayed using the timezone "Coordinated Universal Time", > which is abbreviated "UTC". >=20 > Vendor security updates are not trusted. >=20 > Overrides are on. When a result has an override, this report uses the > threat of the override. >=20 > Notes are included in the report.Information on overrides is included in = the report. >=20 > This report might not show details of all issues that were found. > It only lists hosts that produced issues. > Issues with the threat level "Log" are not shown. > Issues with the threat level "Debug" are not shown. > Issues with the threat level "False Positive" are not shown. > Only results with a minimum QoD of 70 are shown. >=20 > This report contains all 12 results selected by the > filtering described above. Before filtering there were 293 results. >=20 > Scan started:=20 > Scan ended: =20 > Task: Server Scanning - Apache2 >=20 > Host Summary > ************ >=20 > Host High Medium Low Log False Positive > 172.20.10.2 2 0 0 0 0 > 172.20.10.4 2 0 0 0 0 > 172.20.10.12 2 0 0 0 0 > 172.20.10.11 2 0 0 0 0 > 172.20.10.8 2 0 0 0 0 > 172.20.10.1 2 0 0 0 0 > Total: 6 12 0 0 0 0 >=20 >=20 > II Results per Host > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > Host 172.20.10.2 > **************** >=20 > Scanning of this host started at:=20 > Number of results: 2 >=20 > Port Summary for Host 172.20.10.2 > --------------------------------- >=20 > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High >=20 > Security Issues for Host 172.20.10.2 > ------------------------------------ >=20 > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a = severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabi= lities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. >=20 > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.gree= nbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >=20 > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. = Please ! > check the > references for more information. If you're using packages provided by y= our Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or= missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked ma= nuals. >=20 > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 >=20 > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2= 017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2= 019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-= 10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-= an-override >=20 >=20 > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 >=20 > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/53= 38 >=20 >=20 > Host 172.20.10.4 > **************** >=20 > Scanning of this host started at:=20 > Number of results: 2 >=20 > Port Summary for Host 172.20.10.4 > --------------------------------- >=20 > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High >=20 > Security Issues for Host 172.20.10.4 > ------------------------------------ >=20 > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a = severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabi= lities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. >=20 > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.gree= nbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >=20 > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. = Please ! > check the > references for more information. If you're using packages provided by y= our Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or= missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked ma= nuals. >=20 > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 >=20 > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2= 017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2= 019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-= 10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-= an-override >=20 >=20 > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 >=20 > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/53= 38 >=20 >=20 > Host 172.20.10.12 > ***************** >=20 > Scanning of this host started at:=20 > Number of results: 2 >=20 > Port Summary for Host 172.20.10.12 > ---------------------------------- >=20 > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High >=20 > Security Issues for Host 172.20.10.12 > ------------------------------------- >=20 > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a = severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabi= lities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. >=20 > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.gree= nbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >=20 > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. = Please ! > check the > references for more information. If you're using packages provided by y= our Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or= missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked ma= nuals. >=20 > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 >=20 > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2= 017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2= 019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-= 10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-= an-override >=20 >=20 > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 >=20 > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/53= 38 >=20 >=20 > Host 172.20.10.11 > ***************** >=20 > Scanning of this host started at:=20 > Number of results: 2 >=20 > Port Summary for Host 172.20.10.11 > ---------------------------------- >=20 > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High >=20 > Security Issues for Host 172.20.10.11 > ------------------------------------- >=20 > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a = severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabi= lities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. >=20 > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.gree= nbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >=20 > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. = Please ! > check the > references for more information. If you're using packages provided by y= our Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or= missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked ma= nuals. >=20 > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 >=20 > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2= 017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2= 019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-= 10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-= an-override >=20 >=20 > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 >=20 > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/53= 38 >=20 >=20 > Host 172.20.10.8 > **************** >=20 > Scanning of this host started at:=20 > Number of results: 2 >=20 > Port Summary for Host 172.20.10.8 > --------------------------------- >=20 > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High >=20 > Security Issues for Host 172.20.10.8 > ------------------------------------ >=20 > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a = severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabi= lities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. >=20 > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.gree= nbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >=20 > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. = Please ! > check the > references for more information. If you're using packages provided by y= our Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or= missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked ma= nuals. >=20 > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 >=20 > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2= 017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2= 019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-= 10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-= an-override >=20 >=20 > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 >=20 > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/53= 38 >=20 >=20 > Host 172.20.10.1 > **************** >=20 > Scanning of this host started at:=20 > Number of results: 2 >=20 > Port Summary for Host 172.20.10.1 > --------------------------------- >=20 > Service (Port) Threat Level > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High > general/tcp High >=20 > Security Issues for Host 172.20.10.1 > ------------------------------------ >=20 > Issue > ----- > NVT: Report outdated / end-of-life Scan Engine / Environment (local) > OID: 1.3.6.1.4.1.25623.1.0.108560 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > This script checks and reports an outdated or end-of-life scan engine > for the following environments: > - Greenbone Source Edition (GSE) > - Greenbone Community Edition (GCE) > used for this scan. > NOTE: While this is not, in and of itself, a security vulnerability, a = severit! > y is reported to make you aware > of a possible decreased scan coverage or missing detection of vulnerabi= lities ! > on the target due to e.g.: > - missing functionalities > - missing bugfixes > - incompatibilities within the feed. >=20 > Vulnerability Detection Result: > Installed GVM Libraries (gvm-libs) version: 9.0.1 > Latest available GVM Libraries (gvm-libs) version: 10.0.2 > Reference URL(s) for the latest available version: https://community.gree= nbone.n! > et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! > .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >=20 > Solution: > Solution type: VendorFix > Update to the latest available stable release for your scan environment. = Please ! > check the > references for more information. If you're using packages provided by y= our Lin! > ux distribution please contact the maintainer > of the used distribution / repository and request updated packages. > If you want to accept the risk of a possible decreased scan coverage or= missin! > g detection of vulnerabilities on the target you > can set a global override for this script as described in the linked ma= nuals. >=20 > Vulnerability Detection Method: > Details: > Report outdated / end-of-life Scan Engine / Environment (local) > (OID: 1.3.6.1.4.1.25623.1.0.108560) > Version used: 2020-06-10T13:24:20+0000 >=20 > References: > Other: > https://www.greenbone.net/en/install_use_gce/ > https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-2= 017-03-07/211 > https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2= 019-04-05/208 > https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-= 10-14/3674 > https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-= an-override > https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-= an-override >=20 >=20 > Issue > ----- > NVT: Important Announcement > OID: 1.3.6.1.4.1.25623.1.0.999998 > Threat: High (CVSS: 10.0) > Port: general/tcp >=20 > Summary: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Result: > ATTENTION: > Your vulnerability tests are out of maintenance and not updated since Sep= tember ! > 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! > hreats in your scanned environment since this date! > REASON: > Your Greenbone setup is connected to a discontinued download server of th= e Green! > bone Community Feed. The Greenbone Community Feed is still available via = a new d! > ownload server. The discontinuation announcement was posted on May 13th a= t the G! > reenbone Community Portal. > SOLUTION: > You can consider to upgrade your setup to a Greenbone enterprise product = which a! > lso provides you the full scan coverage via Greenbone Security Feed (see = PROFESS! > IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! > d (see FREE COMMUNITY SOLUTION). > PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) > We are happy that our technology already today helps you to reduce the at= tack su! > rface of your corporate IT infrastructure. Our enterprise products close = blind s! > pots of the community feed and give access to Greenbone service desk. > Please contact > upgrade@greenbone.net > and provide the following details (use copy&paste). Please understand tha= t we wi! > ll not reply to you if you do not provide all the details. > - Company name: > - Company homepage: > - Your name: > - Your position in the company: > - The number of IP addresses you are scanning with Greenbone (ca.): > - The number of scanner instances you are using to scan: > - Are you using a master-sensor configuration: yes/no > Feel free to add any additional information you regard helpful to underst= and you! > r setup. > Our team will recommend to you a suitable commercial option. We are happy= to dis! > cuss larger setups in direct communication. > You can inform yourself about our standard products here: > https://www.greenbone.net/en/products-solutions/ > FREE COMMUNITY SOLUTION: Continue scanning with community feed > The Greenbone Community Feed is still available and updated daily. You ma= y have ! > just missed the technical notes and announcement here: > https://community.greenbone.net/t/community-feed-url-consolidation/5338 >=20 > Vulnerability Detection Method: > Details: > Important Announcement > (OID: 1.3.6.1.4.1.25623.1.0.999998) > Version used: 2020-07-14T11:31:48+0000 >=20 > References: > Other: > https://community.greenbone.net/t/community-feed-url-consolidation/53= 38 >=20 >=20 > _______________________________________________ > freebsd-pkg@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-pkg > To unsubscribe, send any mail to "freebsd-pkg-unsubscribe@freebsd.org" --DocE+STaALJfprDB Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEbBAEBAgAGBQJfbMxJAAoJEKzQXbSebgfA5ZkH9ArLPOPEvCPjiVdcDHGBDXu4 PrNbORcuHkLV1HjGBxQMO+5BiNU8Kqnw9mWXYgLtTRK8aHrRKnQPeetCc/TjnZJD Z85ouCsUE+KCm8I65GVokUH3bue69encP+8q/QhP3+0+lLwovNGYMH8EnOpbOBrK mMrbrlSBXUhLfl5LwgKvx/cCOQ1tGeRukPYRTzoyG+zUOXtrBl6qSjE9/TNTm2cs 7P6W6j79Nl2TUOOXVTQYkpcFZbDp8NS5sw156RPJluDs+V9YLLdI0iJD7d8IuH+P eq/GmU9EI6Dyxw79eP/EZ37Vv948Mxe4YtLQgz8u2VgjHQRRskQdFzc7vUYd2w== =r/II -----END PGP SIGNATURE----- --DocE+STaALJfprDB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200924164146.GA64154>