Hello,
On 06/22/2015 06:29 PM, Jan-Oliver Wagner wrote:
On Montag, 22. Juni 2015, Public Account wrote:
On another hand, the NVT has links to the CVEs, and if you follow them it
says:
"This CVE was not found in the database. This is not necessarily an error
[...] will appear in the database."
If I need that information now (and the information is available in NVD and
mitre), should I insert the CVE mannually and then remove it when it comes
in the feed? Shoul I contribute to the feed (how)?
What is the reccomended approach?
well, wait for it to appear. We run the SCAP update for the OpenVAS community
feed not on a daily basis as it would blow up our download service.
However, I doubt this is your current problem.
Can you provide a sample CVE where you oberserved this case?
I tried for CVE-2015-0051 and the CVE information is present in
my database.
If you like, you can check here for presence: https://secinfo.greenbone.net
If you don't find it there, then indeed a feed uptodateness issue is present.
If you find it there, but not in your OpenVAS, check the publication date.
If like for CVE-2015-0051 it is a very old one (from Feb 2015), then something
in your installation must be wrong about the updating as it should be in the
OpenVAS Feed since a long time.
I agree with Jan here. The CVEs you listed should be in the feed
already, so it looks like there is something wrong with your local SCAP
database.
Assuming you are using SQLite as the database backend, you can try
fixing this by deleting the scap.db file (found in
"$PREFIX/var/lib/openvas/scap-data/", with "$PREFIX" being the prefix of
your OpenVAS installation) and running openvas-scapdata-sync again.
If you encounter an issue like this again, please let us know.
Best regards
Timo Pollmeier
--
Timo Pollmeier | Greenbone Networks GmbH | http://www.greenbone.net/
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
