Scans using both stock and customized scan configurations produce results with no vulnerability title, which cannot be expanded within the GSA report display. XML report format has mostly empty <nvt> section. One example plugin oid is 1.3.6.1.4.1.25623.1.0.103440:
<result id="2635fad3-c1a2-461b-9f9c-205343c89c8c"><user_tags><count>0</count></user_tags><host>10.0.0.14</host><port>443/tcp</port><nvt oid="1.3.6.1.4.1.25623.1.0.103440"><name/><family/><cvss_base/><cve/><bid/><tags/><cert/><xref/></nvt><scan_nvt_version>$Revision: 733 $</scan_nvt_version><threat>Medium</threat><severity>4.3</severity><description>Weak ciphers offered by this service:
SSL3_RSA_RC4_128_MD5
SSL3_RSA_RC4_128_SHA
SSL3_RSA_WITH_SEED_SHA
SSL3_ECDHE_RSA_WITH_RC4_128_SHA
TLS1_RSA_RC4_128_MD5
TLS1_RSA_RC4_128_SHA
TLS1_ECDHE_RSA_WITH_RC4_128_SHA</description><original_threat>Medium</original_threat><original_severity>4.3</original_severity><notes/><overrides/></result>
Environment is
* CentOS 6.5 32-bit with selinux disabled
* VirtualBox virtual machine (boot from USB with raw VMDK link; also
tested on bare metal hardware booting from same USB device)
* OpenVAS installed from Atomic repo
(openvas-cli-1.3.1-6.el6.art.i686, openvas-1.0-15.el6.art.noarch,
openvas-scanner-4.0.6-19.el6.art.i686,
openvas-manager-5.0.9-28.el6.art.i686,
openvas-libraries-7.0.9-18.el6.art.i686)
* All software up to date (recent yum -y update)
* Plugins fully up to date and synchronized using
o [services down]
o openvasad --sync-feed
o openvas-scapdata-sync
o openvasmd --update
o [services up]
<<attachment: arob.vcf>>
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
