Hello,
I came to know below error is because previous nasl script nvti had
line breaks in either tag_summary or tag_insight.
Tags=cvss_base=0.0|cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|detection=remote
probe|last_modification=$Date: 2015-01-23 10:37:28 +0100 (Fri, 23 Jan 2015)
$|creation_date=2014-11-11 10:04:39 +0100 (Tue, 11 Nov 2014)|summary=The script
sends a connection\nrequest to the server and attempts to extract the version
number\nfrom the reply.
This problem is with new 2105 plugins updated from nvt sync.
Any idea, how to avoid this. Thanks in advance for your help.
Thanks
Prasadh.
From: Prasadh Nanjundan
Sent: Thursday, September 03, 2015 12:18 PM
To: '[email protected]'
Subject: openvasmd rebuild issue
Hello,
I am running recommend openvas version in Centos 5.7. My sqlite
version is sqlite-3.7.0.1-1.el5.art
[cid:[email protected]]
I am having trouble in rebuilding the openvasmd. When I tried to rebuild in
debug mode, below is the error. When I check the nasl script file for the OID
63730, we don't have any message like below, I don't know where this message
come from and why, any help much appreciated. Thanks in advance
md main: DEBUG:2015-09-03 06h02.57 utc :16961: sql: INSERT into nvts
(oid, version, name, summary, description, copyright, cve, bid, xref, tag,
sign_key_ids, category, family, cvss_base, risk_factor) VALUES ('A security
problem which may lead to unauthorized machine access
or code execution has been fixed by upgrading to rsync-2.5.7.
This problem only affects machines running rsync in daemon mode,
and is easier to exploit if the non-default option 'use chroot = no'
is used in the /etc/rsyncd.conf config file.
Any sites running an rsync server should upgrade immediately.
For complete information, see the rsync home page:
http://rsync.samba.org|summary=The remote host is missing an update as announced
via advisory SSA:2003-337-01.|qod_type=package|solution_type=VendorFix
1.3.6.1.4.1.25623.1.0.63730', '$Revision: 15 $', 'Debian Security Advisory DSA
1758-1 (nss-ldapd)', 'Debian Security Advisory DSA 1758-1 (nss-ldapd)', '
Summary:
The remote host is missing an update to nss-ldapd
announced via advisory DSA 1758-1.
Vulnerability Insight:
Leigh James that discovered that nss-ldapd, an NSS module for using
LDAP as a naming service, by default creates the configuration file
/etc/nss-ldapd.conf world-readable which could leak the configured
LDAP password if one is used for connecting to the LDAP server.
The old stable distribution (etch) doesn''t contain nss-ldapd.
For the stable distribution (lenny) this problem has been fixed in
version 0.6.7.1.
For the unstable distribution (sid) this problem has been fixed in
version 0.6.8.
We recommend that you upgrade your nss-ldapd package.
Solution:
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201758-1',
'Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com', 'CVE-2009-1073',
'NOBID', 'NOXREF', 'check_type=authenticated package
test|last_modification=$Date: 2013-10-27 13:49:54 +0100 (Sun, 27 Oct 2013)
$|creation_date=2009-04-06 20:58:11 +0200 (Mon, 06 Apr
2009)|cvss_base_vector=AV:L/AC:L/Au:N/C:C/I:N/A:N', '48479FF648DB4530', 3,
'Debian Local Security Checks', '4.9', 'Medium');
md main:WARNING:2015-09-03 06h02.57 utc :16961: sql: sqlite3_prepare failed:
near "use": syntax error
md main:CRITICAL:2015-09-03 06h02.57 utc :16961: handle_sigabrt: abort
md main: DEBUG:2015-09-03 06h02.57 utc :16961: Cleaning up.
md main: DEBUG:2015-09-03 06h02.57 utc :16961: Exiting.
Thanks
Prasadh
-----------------------------------------------------------------
Prasadh Nanjundan
Software Engineer
Tel : 080-42613061
UBIqube Solutions : Agile Management Framework
www.ubiqube.com<http://www.ubiqube.com/> http://y2u.be/Nq3-ERkir5M
Confidentiality: This communication is intended for the above-named person and
may be confidential and/or legally privileged. If it has come to you in error
you must take no action based on it, nor must you copy or show it to anyone;
please delete/destroy and inform the sender immediately
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
