Date: Fri, 25 Sep 2020 13:54:40 +0300 From: "Yigithan Bilge (Student)" <yigithanbilge@sabanciuniv.edu> To: Brooks Davis <brooks@freebsd.org> Cc: freebsd-pkg@freebsd.org Subject: Re: FreeBSD OpenVAS Configuration Message-ID: <C0D660A2-9A41-4077-9C10-1092FB68E189@sabanciuniv.edu> In-Reply-To: <20200924164146.GA64154@spindle.one-eyed-alien.net> References: <20200924164146.GA64154@spindle.one-eyed-alien.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Thank you, but in the site you shared there are new packages named gvm-libs a= nd old packages named openvas. I can=E2=80=99t find and download new package= s, there is no reply for =E2=80=9Cpkg search gvm-libs=E2=80=9D command in th= e freebsd. How can I get these new updated packages? Do you have any idea? Thanks, ygthn > Brooks Davis <brooks@freebsd.org> =C5=9Funlar=C4=B1 yazd=C4=B1 (24 Eyl 202= 0 19:41): >=20 > =EF=BB=BFIt appears that OpenVAS is complaining about itself in a confusin= g and > unhelpful way. According to the following page, GVM is new branding for > OpenVAS. >=20 > https://wiki.gentoo.org/wiki/Greenbone_Vulnerability_Management >=20 > -- Brooks >=20 >>> On Thu, Sep 24, 2020 at 01:42:41PM +0300, Yigithan Bilge (Student) wrote= : >> Hey, >> I currently work on a project to scan a network and find vulnerabilities >> which has to be on FreeBSD. So, as a first step, I installed packages of >> openvas9 and scanned the network by using the web interface. There is als= o >> a server on ubuntu to see what openvas will find. >> On the report, there is a vulnerability called ???Report outdated / >> end-of-life Scan Engine / Environment (local)??? which makes me think the= >> system isn???t working quite well since the server has apache2 and open p= ort >> 80 HTTP but couldn???t tell any of these as a vulnerability. >> There is also a part on the report as: >> Vulnerability Detection Result: >> Installed GVM Libraries (gvm-libs) version: 9.0.1 >> Latest available GVM Libraries (gvm-libs) version: 10.0.2 >> I couldn???t update this gvm library, and I couldn???t even find this lib= rary >> to update in the list of packages. All conversations and videos are on Ka= li >> or etc. I have got in touch with the greenbone community and got thia >> reply *"Greenbone >> is not in charge for your version of our software. Therefore you should >> contact the provider of your packages (most likely your distribution) and= >> create a request for updated packages."* >> I also add the report, I hope someone can help me to solve the errors I >> mentioned in the upper text. Sorry if I wrote something unnecessary or >> irrelevant with this page, I am a student and quite new in this field. >> Thank you >=20 >> I Summary >> =3D=3D=3D=3D=3D=3D=3D=3D=3D >> This document reports on the results of an automatic security scan. >> The report first summarises the results found. >> Then, for each host, the report describes every issue found. >> Please consider the advice given in each description, in order to rectify= >> the issue. >> All dates are displayed using the timezone "Coordinated Universal Time", >> which is abbreviated "UTC". >> Vendor security updates are not trusted. >> Overrides are on. When a result has an override, this report uses the >> threat of the override. >> Notes are included in the report.Information on overrides is included in t= he report. >> This report might not show details of all issues that were found. >> It only lists hosts that produced issues. >> Issues with the threat level "Log" are not shown. >> Issues with the threat level "Debug" are not shown. >> Issues with the threat level "False Positive" are not shown. >> Only results with a minimum QoD of 70 are shown. >> This report contains all 12 results selected by the >> filtering described above. Before filtering there were 293 results. >> Scan started: >> Scan ended: =20 >> Task: Server Scanning - Apache2 >> Host Summary >> ************ >> Host High Medium Low Log False Positive >> 172.20.10.2 2 0 0 0 0 >> 172.20.10.4 2 0 0 0 0 >> 172.20.10.12 2 0 0 0 0 >> 172.20.10.11 2 0 0 0 0 >> 172.20.10.8 2 0 0 0 0 >> 172.20.10.1 2 0 0 0 0 >> Total: 6 12 0 0 0 0 >> II Results per Host >> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >> Host 172.20.10.2 >> **************** >> Scanning of this host started at: >> Number of results: 2 >> Port Summary for Host 172.20.10.2 >> --------------------------------- >> Service (Port) Threat Level >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> Security Issues for Host 172.20.10.2 >> ------------------------------------ >> Issue >> ----- >> NVT: Report outdated / end-of-life Scan Engine / Environment (local) >> OID: 1.3.6.1.4.1.25623.1.0.108560 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> This script checks and reports an outdated or end-of-life scan engine >> for the following environments: >> - Greenbone Source Edition (GSE) >> - Greenbone Community Edition (GCE) >> used for this scan. >> NOTE: While this is not, in and of itself, a security vulnerability, a se= verit! >> y is reported to make you aware >> of a possible decreased scan coverage or missing detection of vulnerabili= ties ! >> on the target due to e.g.: >> - missing functionalities >> - missing bugfixes >> - incompatibilities within the feed. >> Vulnerability Detection Result: >> Installed GVM Libraries (gvm-libs) version: 9.0.1 >> Latest available GVM Libraries (gvm-libs) version: 10.0.2 >> Reference URL(s) for the latest available version: https://community.gree= nbone.n! >> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! >> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >> Solution: >> Solution type: VendorFix >> Update to the latest available stable release for your scan environment. P= lease ! >> check the >> references for more information. If you're using packages provided by you= r Lin! >> ux distribution please contact the maintainer >> of the used distribution / repository and request updated packages. >> If you want to accept the risk of a possible decreased scan coverage or m= issin! >> g detection of vulnerabilities on the target you >> can set a global override for this script as described in the linked manu= als. >> Vulnerability Detection Method: >> Details: >> Report outdated / end-of-life Scan Engine / Environment (local) >> (OID: 1.3.6.1.4.1.25623.1.0.108560) >> Version used: 2020-06-10T13:24:20+0000 >> References: >> Other: >> https://www.greenbone.net/en/install_use_gce/ >> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-201= 7-03-07/211 >> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-201= 9-04-05/208 >> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10= -14/3674 >> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an= -override >> Issue >> ----- >> NVT: Important Announcement >> OID: 1.3.6.1.4.1.25623.1.0.999998 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Result: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Method: >> Details: >> Important Announcement >> (OID: 1.3.6.1.4.1.25623.1.0.999998) >> Version used: 2020-07-14T11:31:48+0000 >> References: >> Other: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338= >> Host 172.20.10.4 >> **************** >> Scanning of this host started at: >> Number of results: 2 >> Port Summary for Host 172.20.10.4 >> --------------------------------- >> Service (Port) Threat Level >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> Security Issues for Host 172.20.10.4 >> ------------------------------------ >> Issue >> ----- >> NVT: Report outdated / end-of-life Scan Engine / Environment (local) >> OID: 1.3.6.1.4.1.25623.1.0.108560 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> This script checks and reports an outdated or end-of-life scan engine >> for the following environments: >> - Greenbone Source Edition (GSE) >> - Greenbone Community Edition (GCE) >> used for this scan. >> NOTE: While this is not, in and of itself, a security vulnerability, a se= verit! >> y is reported to make you aware >> of a possible decreased scan coverage or missing detection of vulnerabili= ties ! >> on the target due to e.g.: >> - missing functionalities >> - missing bugfixes >> - incompatibilities within the feed. >> Vulnerability Detection Result: >> Installed GVM Libraries (gvm-libs) version: 9.0.1 >> Latest available GVM Libraries (gvm-libs) version: 10.0.2 >> Reference URL(s) for the latest available version: https://community.gree= nbone.n! >> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! >> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >> Solution: >> Solution type: VendorFix >> Update to the latest available stable release for your scan environment. P= lease ! >> check the >> references for more information. If you're using packages provided by you= r Lin! >> ux distribution please contact the maintainer >> of the used distribution / repository and request updated packages. >> If you want to accept the risk of a possible decreased scan coverage or m= issin! >> g detection of vulnerabilities on the target you >> can set a global override for this script as described in the linked manu= als. >> Vulnerability Detection Method: >> Details: >> Report outdated / end-of-life Scan Engine / Environment (local) >> (OID: 1.3.6.1.4.1.25623.1.0.108560) >> Version used: 2020-06-10T13:24:20+0000 >> References: >> Other: >> https://www.greenbone.net/en/install_use_gce/ >> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-201= 7-03-07/211 >> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-201= 9-04-05/208 >> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10= -14/3674 >> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an= -override >> Issue >> ----- >> NVT: Important Announcement >> OID: 1.3.6.1.4.1.25623.1.0.999998 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Result: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Method: >> Details: >> Important Announcement >> (OID: 1.3.6.1.4.1.25623.1.0.999998) >> Version used: 2020-07-14T11:31:48+0000 >> References: >> Other: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338= >> Host 172.20.10.12 >> ***************** >> Scanning of this host started at: >> Number of results: 2 >> Port Summary for Host 172.20.10.12 >> ---------------------------------- >> Service (Port) Threat Level >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> Security Issues for Host 172.20.10.12 >> ------------------------------------- >> Issue >> ----- >> NVT: Report outdated / end-of-life Scan Engine / Environment (local) >> OID: 1.3.6.1.4.1.25623.1.0.108560 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> This script checks and reports an outdated or end-of-life scan engine >> for the following environments: >> - Greenbone Source Edition (GSE) >> - Greenbone Community Edition (GCE) >> used for this scan. >> NOTE: While this is not, in and of itself, a security vulnerability, a se= verit! >> y is reported to make you aware >> of a possible decreased scan coverage or missing detection of vulnerabili= ties ! >> on the target due to e.g.: >> - missing functionalities >> - missing bugfixes >> - incompatibilities within the feed. >> Vulnerability Detection Result: >> Installed GVM Libraries (gvm-libs) version: 9.0.1 >> Latest available GVM Libraries (gvm-libs) version: 10.0.2 >> Reference URL(s) for the latest available version: https://community.gree= nbone.n! >> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! >> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >> Solution: >> Solution type: VendorFix >> Update to the latest available stable release for your scan environment. P= lease ! >> check the >> references for more information. If you're using packages provided by you= r Lin! >> ux distribution please contact the maintainer >> of the used distribution / repository and request updated packages. >> If you want to accept the risk of a possible decreased scan coverage or m= issin! >> g detection of vulnerabilities on the target you >> can set a global override for this script as described in the linked manu= als. >> Vulnerability Detection Method: >> Details: >> Report outdated / end-of-life Scan Engine / Environment (local) >> (OID: 1.3.6.1.4.1.25623.1.0.108560) >> Version used: 2020-06-10T13:24:20+0000 >> References: >> Other: >> https://www.greenbone.net/en/install_use_gce/ >> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-201= 7-03-07/211 >> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-201= 9-04-05/208 >> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10= -14/3674 >> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an= -override >> Issue >> ----- >> NVT: Important Announcement >> OID: 1.3.6.1.4.1.25623.1.0.999998 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Result: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Method: >> Details: >> Important Announcement >> (OID: 1.3.6.1.4.1.25623.1.0.999998) >> Version used: 2020-07-14T11:31:48+0000 >> References: >> Other: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338= >> Host 172.20.10.11 >> ***************** >> Scanning of this host started at: >> Number of results: 2 >> Port Summary for Host 172.20.10.11 >> ---------------------------------- >> Service (Port) Threat Level >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> Security Issues for Host 172.20.10.11 >> ------------------------------------- >> Issue >> ----- >> NVT: Report outdated / end-of-life Scan Engine / Environment (local) >> OID: 1.3.6.1.4.1.25623.1.0.108560 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> This script checks and reports an outdated or end-of-life scan engine >> for the following environments: >> - Greenbone Source Edition (GSE) >> - Greenbone Community Edition (GCE) >> used for this scan. >> NOTE: While this is not, in and of itself, a security vulnerability, a se= verit! >> y is reported to make you aware >> of a possible decreased scan coverage or missing detection of vulnerabili= ties ! >> on the target due to e.g.: >> - missing functionalities >> - missing bugfixes >> - incompatibilities within the feed. >> Vulnerability Detection Result: >> Installed GVM Libraries (gvm-libs) version: 9.0.1 >> Latest available GVM Libraries (gvm-libs) version: 10.0.2 >> Reference URL(s) for the latest available version: https://community.gree= nbone.n! >> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! >> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >> Solution: >> Solution type: VendorFix >> Update to the latest available stable release for your scan environment. P= lease ! >> check the >> references for more information. If you're using packages provided by you= r Lin! >> ux distribution please contact the maintainer >> of the used distribution / repository and request updated packages. >> If you want to accept the risk of a possible decreased scan coverage or m= issin! >> g detection of vulnerabilities on the target you >> can set a global override for this script as described in the linked manu= als. >> Vulnerability Detection Method: >> Details: >> Report outdated / end-of-life Scan Engine / Environment (local) >> (OID: 1.3.6.1.4.1.25623.1.0.108560) >> Version used: 2020-06-10T13:24:20+0000 >> References: >> Other: >> https://www.greenbone.net/en/install_use_gce/ >> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-201= 7-03-07/211 >> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-201= 9-04-05/208 >> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10= -14/3674 >> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an= -override >> Issue >> ----- >> NVT: Important Announcement >> OID: 1.3.6.1.4.1.25623.1.0.999998 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Result: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Method: >> Details: >> Important Announcement >> (OID: 1.3.6.1.4.1.25623.1.0.999998) >> Version used: 2020-07-14T11:31:48+0000 >> References: >> Other: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338= >> Host 172.20.10.8 >> **************** >> Scanning of this host started at: >> Number of results: 2 >> Port Summary for Host 172.20.10.8 >> --------------------------------- >> Service (Port) Threat Level >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> Security Issues for Host 172.20.10.8 >> ------------------------------------ >> Issue >> ----- >> NVT: Report outdated / end-of-life Scan Engine / Environment (local) >> OID: 1.3.6.1.4.1.25623.1.0.108560 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> This script checks and reports an outdated or end-of-life scan engine >> for the following environments: >> - Greenbone Source Edition (GSE) >> - Greenbone Community Edition (GCE) >> used for this scan. >> NOTE: While this is not, in and of itself, a security vulnerability, a se= verit! >> y is reported to make you aware >> of a possible decreased scan coverage or missing detection of vulnerabili= ties ! >> on the target due to e.g.: >> - missing functionalities >> - missing bugfixes >> - incompatibilities within the feed. >> Vulnerability Detection Result: >> Installed GVM Libraries (gvm-libs) version: 9.0.1 >> Latest available GVM Libraries (gvm-libs) version: 10.0.2 >> Reference URL(s) for the latest available version: https://community.gree= nbone.n! >> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! >> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >> Solution: >> Solution type: VendorFix >> Update to the latest available stable release for your scan environment. P= lease ! >> check the >> references for more information. If you're using packages provided by you= r Lin! >> ux distribution please contact the maintainer >> of the used distribution / repository and request updated packages. >> If you want to accept the risk of a possible decreased scan coverage or m= issin! >> g detection of vulnerabilities on the target you >> can set a global override for this script as described in the linked manu= als. >> Vulnerability Detection Method: >> Details: >> Report outdated / end-of-life Scan Engine / Environment (local) >> (OID: 1.3.6.1.4.1.25623.1.0.108560) >> Version used: 2020-06-10T13:24:20+0000 >> References: >> Other: >> https://www.greenbone.net/en/install_use_gce/ >> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-201= 7-03-07/211 >> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-201= 9-04-05/208 >> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10= -14/3674 >> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an= -override >> Issue >> ----- >> NVT: Important Announcement >> OID: 1.3.6.1.4.1.25623.1.0.999998 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Result: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Method: >> Details: >> Important Announcement >> (OID: 1.3.6.1.4.1.25623.1.0.999998) >> Version used: 2020-07-14T11:31:48+0000 >> References: >> Other: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338= >> Host 172.20.10.1 >> **************** >> Scanning of this host started at: >> Number of results: 2 >> Port Summary for Host 172.20.10.1 >> --------------------------------- >> Service (Port) Threat Level >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> general/tcp High >> Security Issues for Host 172.20.10.1 >> ------------------------------------ >> Issue >> ----- >> NVT: Report outdated / end-of-life Scan Engine / Environment (local) >> OID: 1.3.6.1.4.1.25623.1.0.108560 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> This script checks and reports an outdated or end-of-life scan engine >> for the following environments: >> - Greenbone Source Edition (GSE) >> - Greenbone Community Edition (GCE) >> used for this scan. >> NOTE: While this is not, in and of itself, a security vulnerability, a se= verit! >> y is reported to make you aware >> of a possible decreased scan coverage or missing detection of vulnerabili= ties ! >> on the target due to e.g.: >> - missing functionalities >> - missing bugfixes >> - incompatibilities within the feed. >> Vulnerability Detection Result: >> Installed GVM Libraries (gvm-libs) version: 9.0.1 >> Latest available GVM Libraries (gvm-libs) version: 10.0.2 >> Reference URL(s) for the latest available version: https://community.gree= nbone.n! >> et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.gr= eenbone! >> .net/t/gvm-10-old-stable-initial-release-2019-04-05/208 >> Solution: >> Solution type: VendorFix >> Update to the latest available stable release for your scan environment. P= lease ! >> check the >> references for more information. If you're using packages provided by you= r Lin! >> ux distribution please contact the maintainer >> of the used distribution / repository and request updated packages. >> If you want to accept the risk of a possible decreased scan coverage or m= issin! >> g detection of vulnerabilities on the target you >> can set a global override for this script as described in the linked manu= als. >> Vulnerability Detection Method: >> Details: >> Report outdated / end-of-life Scan Engine / Environment (local) >> (OID: 1.3.6.1.4.1.25623.1.0.108560) >> Version used: 2020-06-10T13:24:20+0000 >> References: >> Other: >> https://www.greenbone.net/en/install_use_gce/ >> https://community.greenbone.net/t/gvm-9-end-of-life-initial-release-201= 7-03-07/211 >> https://community.greenbone.net/t/gvm-10-old-stable-initial-release-201= 9-04-05/208 >> https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10= -14/3674 >> https://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-5/en/reports.html#creating-an= -override >> https://docs.greenbone.net/GSM-Manual/gos-6/en/reports.html#creating-an= -override >> Issue >> ----- >> NVT: Important Announcement >> OID: 1.3.6.1.4.1.25623.1.0.999998 >> Threat: High (CVSS: 10.0) >> Port: general/tcp >> Summary: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Result: >> ATTENTION: >> Your vulnerability tests are out of maintenance and not updated since Sep= tember ! >> 1st 2020. Your setup of Greenbone Source Edition will not report about an= y new t! >> hreats in your scanned environment since this date! >> REASON: >> Your Greenbone setup is connected to a discontinued download server of th= e Green! >> bone Community Feed. The Greenbone Community Feed is still available via a= new d! >> ownload server. The discontinuation announcement was posted on May 13th a= t the G! >> reenbone Community Portal. >> SOLUTION: >> You can consider to upgrade your setup to a Greenbone enterprise product w= hich a! >> lso provides you the full scan coverage via Greenbone Security Feed (see P= ROFESS! >> IONAL SOLUTION). Alternatively you can continue with the Greenbone Commun= ity Fee! >> d (see FREE COMMUNITY SOLUTION). >> PROFESSIONAL SOLUTION (Upgrading to full coverage scanning) >> We are happy that our technology already today helps you to reduce the at= tack su! >> rface of your corporate IT infrastructure. Our enterprise products close b= lind s! >> pots of the community feed and give access to Greenbone service desk. >> Please contact >> upgrade@greenbone.net >> and provide the following details (use copy&paste). Please understand tha= t we wi! >> ll not reply to you if you do not provide all the details. >> - Company name: >> - Company homepage: >> - Your name: >> - Your position in the company: >> - The number of IP addresses you are scanning with Greenbone (ca.): >> - The number of scanner instances you are using to scan: >> - Are you using a master-sensor configuration: yes/no >> Feel free to add any additional information you regard helpful to underst= and you! >> r setup. >> Our team will recommend to you a suitable commercial option. We are happy= to dis! >> cuss larger setups in direct communication. >> You can inform yourself about our standard products here: >> https://www.greenbone.net/en/products-solutions/ >> FREE COMMUNITY SOLUTION: Continue scanning with community feed >> The Greenbone Community Feed is still available and updated daily. You ma= y have ! >> just missed the technical notes and announcement here: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338 >> Vulnerability Detection Method: >> Details: >> Important Announcement >> (OID: 1.3.6.1.4.1.25623.1.0.999998) >> Version used: 2020-07-14T11:31:48+0000 >> References: >> Other: >> https://community.greenbone.net/t/community-feed-url-consolidation/5338= >=20 >> _______________________________________________ >> freebsd-pkg@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-pkg >> To unsubscribe, send any mail to "freebsd-pkg-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C0D660A2-9A41-4077-9C10-1092FB68E189>