On Tue, Sep 14, 2010 at 4:10 AM, Jan-Oliver Wagner <jan-oliver.wag...@greenbone.net> wrote:
> On Monday, 13 September 2010, Kaushal Shriyan wrote:
>> I get the below error in /var/log/openvas/openvassd.dump, I am on
>> debian 5.0.6 OS. Please suggest
>>
>> [12700](/var/lib/openvas/plugins/remote-pwcrack-options.nasl)
>> script_get_preference_file_location: could not get local file name
>> from preference Passwords file :
>> [12706](/var/lib/openvas/plugins/ssh_authorization.nasl)
>> gnutls_x509_privkey_import_pkcs8: Decryption has failed. (-24)
>
> Just a quick guess:
>
> Debian carries 2 versions (internal IDs: 13 and 26) of gnutls.
> Maybe you applied the old version?

Hi Jan-Oliver Wagner,

I am no longer able to reproduce that error now. Also, I have a concern: I still get "It was not possible to login using the SSH crendentials supplied. Hence local security checks are not enabled."

As kost suggested below on the openvas-discuss mailing list:

"I guess you're using remote checks which often can be inaccurate (especially if they rely on version check only) as Linux distributions don't update the version if they fix only vulnerabilities. If you want more accurate results, I would suggest using local security checks. That means you need to provide credentials of target machines to OpenVAS."

I am using the OpenVAS scanner, which is a component in OSSIM (http://www.alienvault.com/community.php?section=Home). The OSSIM software is built on top of Debian OS 5.0.6. I have the latest update, and the OpenVAS signatures are updated frequently, on a daily basis, invoked by cron.

Also, the target machine is an Ubuntu 10.04.1 server and there are no USN (http://www.ubuntu.com/usn/usn-908-1) for Apache in Ubuntu 10.04 server, yet the scanner reports vulnerabilities in Apache2, which are detailed below.

Overview:
Apache is prone to multiple vulnerabilities. These issues may lead to information disclosure or other attacks.

Apache versions prior to 2.2.15-dev are affected.

Solution:
These issues have been addressed in Apache 2.2.15-dev. Apache 2.2.15 including fixes will become available in the future as well. Please see the references for more information.

References:
http://www.securityfocus.com/bid/38494
http://httpd.apache.org/security/vulnerabilities_22.html
http://httpd.apache.org/
https://issues.apache.org/bugzilla/show_bug.cgi?id=48359
http://svn.apache.org/viewvc?view=revision&revision=917870

Risk factor : Medium
CVE : CVE-2010-0425, CVE-2010-0434, CVE-2010-0408
BID : 38494, 38491
OID : 1.3.6.1.4.1.25623.1.0.100514

Overview:
Apache HTTP Server is prone to multiple remote denial-of-service vulnerabilities.

An attacker can exploit these issues to deny service to legitimate users.

Versions prior to Apache 2.2.16 are vulnerable.

Solution:
These issues have been fixed in Apache 2.2.16. Please see the references for more information.

References:
https://www.securityfocus.com/bid/41963
http://httpd.apache.org/download.cgi
http://httpd.apache.org/
http://www.apache.org/dist/httpd/Announcement2.2.html
http://www.apache.org/dist/httpd/CHANGES_2.2.16

CVE : CVE-2010-1452
BID : 41963
OID : 1.3.6.1.4.1.25623.1.0.100725

Overview:
This host is running Apache HTTP Server and is prone to Denial of Service vulnerability.

Vulnerability Insight:
The flaw is due to error in 'stream_reqbody_cl' function in 'mod_proxy_http.c' in the mod_proxy module. When a reverse proxy is configured, it does not properly handle an amount of streamed data that exceeds the Content-Length value via crafted requests.

Impact:
Successful exploitation will allow remote attackers to cause Denial of Service to the legitimate user by CPU consumption.

Impact Level: Application

Affected Software/OS:
Apache HTTP Server version prior to 2.3.3

Fix:
Fixed in the SVN repository.
http://svn.apache.org/viewvc?view=rev&revision=790587

References:
http://secunia.com/advisories/35691
http://www.vupen.com/english/advisories/2009/1773
http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587

CVSS Score:
CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
Risk factor : Medium
CVE : CVE-2009-1890
BID : 35565
OID : 1.3.6.1.4.1.25623.1.0.800827

Please suggest/guide in this context.

Thanks and Regards

Kaushal

_______________________________________________
Openvas-devel mailing list
Openvas-devel@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel