To expand, On a fresh OS/OpenVAS install (following instructions on www.openvas.org/install-packages.html for ubuntu OBS), I can query openvas with omp just fine using the admin:password credentials.
omp -v -h 192.168.1.155 -u admin -w password -X "<get_nvts details=\"1\" preferences=\"0\" preference_count=\"0\" timeout=\"0\" family=\"Buffer overflow\" />" #all good, returns well-formed XML Once I create a second client cert, for a new openvas user that I am consuming in my client, the XML for the command breaks: openvasad -c add_user -n openvas -r Admin openvas-mkcert-client -n openvas -i omp -v -h 192.168.1.155 -u openvas -w openvas -X "<get_nvts details=\"1\" preferences=\"0\" preference_count=\"0\" timeout=\"0\" family=\"Buffer overflow\" />" #this will return broken xml On Sun, Dec 11, 2011 at 2:32 PM, Brandon Perry <bperry.volat...@gmail.com> wrote: > It starts breaking XML after I create a second client certificate for > my user (the first being created for the om user, the second for > admin) > > On Sun, Dec 11, 2011 at 1:48 PM, Brandon Perry > <bperry.volat...@gmail.com> wrote: >> I Get the same results with my own custom client. I am running this >> server in a virtual machine in virtualbox (ubuntu 11.10 host, 11.10 >> guest). I would like to mention: I did a fresh install on the VM of >> 11.10, and went to OBS 5.0 for 11.04 as that is the latest release of >> ubuntu they have builds for. After initially installing, the command >> actually spit out everything it was supposed to. However, at some >> point in time it stopped sending all the data. I am going through and >> trying to reproduce exactly what needs to happen to cause this. >> >> Thoughts? >> bperry@bperry-laptop:~/Downloads$ omp -v -h 192.168.1.155 -u admin -w >> openvas -X "<get_nvts details=\"1\" preferences=\"0\" >> preference_count=\"0\" timeout=\"0\" family=\"Buffer overflow\" />" >> [..]snip[..] >> CVSS Score: CVSS Base Score : 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) >> CVSS Temporal Score : 9.0</description><summary>Check for the >> version of Adobe Reader/Acrobat</summary><family>Buffer >> overflow</family><version>$Revision: 12215 >> $</version><cvss_base>9.3</cvss_base><risk_factor>Critical</risk_factor><cve_id>CVE-2009-4324</cve_id><bugtraq_id>37331</bugtraq_id><xrefs>NOXREF</xrefs><fingerprints>48479FF648DB4530</fingerprints><tags>last_modification=$Date: >> 2011-11-29 17:59:09 +0100 (Di, 29. Nov 2011) >> $|creation_date=2009-12-21 07:14:17 +0100 (Mon, 21 Dec >> 2009)</tags><preference_count>-1</preference_count><timeout></timeout><checksum><algorithm>md5</algorithm>2397586ea5cd3a69f953836f7be9ef7b</checksum></nvt><nvt >> oid="1.3.6.1.4.1.25623.1.0.800585"><name>Adobe Reader/Acrobat Multiple >> BOF Vulnerabilities - Jun09 >> (Win)</name><category>infos</category><copyright>Copyright (C) 2009 >> Greenbone Networks GmbH</copyright><description> >> Overview: This host has Adobe Reader/Acrobat installed, which is/are >> prone to multiple buffer overflow vulnerabilities. >> Vulnerability >> lib xml-Message: asking for 1048576 >> lib xml-Message: Error: Error on line 498 char 18: Document ended >> unexpectedly with elements still open - 'description' was the last >> element opened >> lib xml-Message: End error: Error on line 498 char 18: Document >> ended unexpectedly with elements still open - 'description' was the >> last element opened >> Failed to read response.bperry@bperry-laptop:~/Downloads$ >> >> -- >> http://volatile-minds.blogspot.com -- blog >> http://www.volatileminds.net -- website > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website _______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
