Re: [Openvas-discuss] Openvas-discuss Digest, Vol 104, Issue 3

[Prasadh Nanjundan]

Hi Antu Sanadi,



       Thanks for the reply.



I tried your command,I still get the same below error in openvasmd log.   Below 
highlighted part in red is a message, part of previous OID nvti file which is 
wrongly place in the query. I belive it is because of the line break.



OUTPUT of NVTI  file

=====================================================================================================================================================================================

[root@CENTOS openvas]# cat 
/var/cache/openvas/esoft_slk_ssa_2003_337_01.nasl.nvti



[NVT Info]

OID=1.3.6.1.4.1.25623.1.0.53876

Version=$Revision: 1535 $

Name=Slackware Advisory SSA:2003-337-01 rsync security update

Summary=Slackware Advisory SSA:2003-337-01 rsync security update

Description=NODESC

Copyright=Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Tags=creation_date=2012-09-11 01:34:21 +0200 (Tue, 11 Sep 
2012)|last_modification=$Date: 2015-08-05 07:57:26 +0200 (Wed, 05 Aug 2015) 
$|cvss_base=7.5|cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|solution=https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2003-337-01|insight=Rsync
 is a file transfer client and server.\n\nA security problem which may lead to 
unauthorized machine access\nor code execution has been fixed by upgrading to 
rsync-2.5.7.\nThis problem only affects machines running rsync in daemon 
mode,\nand is easier to exploit if the non-default option 'use chroot = no'\nis 
used in the /etc/rsyncd.conf config file.\n\nAny sites running an rsync server 
should upgrade immediately.\n\nFor complete information, see the rsync home 
page:\n\nhttp://rsync.samba.org|summary=The remote host is missing an update as 
announced\nvia advisory 
SSA:2003-337-01.|qod_type=package|solution_type=VendorFix

Dependencies=gather-package-list.nasl

MandatoryKeys=login/SSH/success, ssh/login/slackpack

SignKeyIDs=48479FF648DB4530

Family=Slackware Local Security Checks

src=/var/lib/openvas/plugins/esoft_slk_ssa_2003_337_01.nasl

Category=3

[root@CENTOS openvas]#

========================================================================================================================================================================================





=======================================================================================================================================================================================

/var/log/openvas/openvasmd.log





md   main:  DEBUG:2015-09-04 10h25.16 utc :25392:    sql: INSERT into nvts 
(oid, version, name, summary, description, copyright, cve, bid, xref, tag, 
sign_key_ids, category, family, cvss_base, risk_factor) VALUES 
('1.3.6.1.4.1.25623.1.0.53876', '$Revision: 1535 $', 'Slackware Advisory 
SSA:2003-337-01 rsync security update', 'Slackware Advisory SSA:2003-337-01 
rsync security update', 'NODESC', 'Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com', 'NOCVE', 'NOBID', 'NOXREF', 
'creation_date=2012-09-11 01:34:21 +0200 (Tue, 11 Sep 
2012)|last_modification=$Date: 2015-08-05 07:57:26 +0200 (Wed, 05 Aug 2015) 
$|cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|solution=https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2003-337-01|insight=Rsync
 is a file transfer client and server.', '48479FF648DB4530', 3, 'Slackware 
Local Security Checks', '7.5', '');



md   main:  DEBUG:2015-09-04 10h25.16 utc :25392:    sql: INSERT into nvts 
(oid, version, name, summary, description, copyright, cve, bid, xref, tag, 
sign_key_ids, category, family, cvss_base, risk_factor) VALUES ('A security 
problem which may lead to unauthorized machine access

or code execution has been fixed by upgrading to rsync-2.5.7.

This problem only affects machines running rsync in daemon mode,

and is easier to exploit if the non-default option 'use chroot = no'

is used in the /etc/rsyncd.conf config file.



Any sites running an rsync server should upgrade immediately.



For complete information, see the rsync home page:



http://rsync.samba.org|summary=The remote host is missing an update as announced

via advisory SSA:2003-337-01.|qod_type=package|solution_type=VendorFix

1.3.6.1.4.1.25623.1.0.900340', '$Revision: 1128 $', 'Novell Multiple Products 
Version Detection', 'Set KB for the Version of Novell Products', '

  Summary:

  This script detects the installed version of Novell Products and sets the

result in KB.', 'Copyright (C) 2009 SecPod', 'NOCVE', 'NOBID', 'NOXREF', 
'cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|last_modification=$Date: 
2015-04-02 14:15:23 +0200 (Thu, 02 Apr 2015) $|creation_date=2009-04-24 
16:23:28 +0200 (Fri, 24 Apr 2009)|detection=registry version check', 
'48479FF648DB4530', 3, 'Product detection', '0.0', 'None');



md   main:WARNING:2015-09-04 10h25.16 utc :25392: sql: sqlite3_prepare failed: 
near "use": syntax error



md   main:CRITICAL:2015-09-04 10h25.16 utc :25392: handle_sigabrt: abort



md   main:  DEBUG:2015-09-04 10h25.16 utc :25392:    Cleaning up.



md   main:  DEBUG:2015-09-04 10h25.16 utc :25392:    Exiting.



==============================================================================================================================================================================================



Thanks

Prasadh.



-----Original Message-----
From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] On 
Behalf Of openvas-discuss-requ...@wald.intevation.org
Sent: Friday, September 04, 2015 3:30 PM
To: openvas-discuss@wald.intevation.org
Subject: Openvas-discuss Digest, Vol 104, Issue 3



Send Openvas-discuss mailing list submissions to

               
openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>



To subscribe or unsubscribe via the World Wide Web, visit

               
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



or, via email, send a message with subject or body 'help' to

               
openvas-discuss-requ...@wald.intevation.org<mailto:openvas-discuss-requ...@wald.intevation.org>



You can reach the person managing the list at

               
openvas-discuss-ow...@wald.intevation.org<mailto:openvas-discuss-ow...@wald.intevation.org>



When replying, please edit your Subject line so it is more specific than "Re: 
Contents of Openvas-discuss digest..."





Today's Topics:



   1. Re: openvasmd rebuild issue (Prasadh Nanjundan)

   2. Re: openvasmd rebuild issue (Chris)

   3. Re: openvasmd rebuild issue (Eero Volotinen)

   4. Re: openvasmd rebuild issue (Prasadh Nanjundan)

   5. Re: openvasmd rebuild issue (Antu Sanadi)





----------------------------------------------------------------------



Message: 1

Date: Thu, 3 Sep 2015 17:43:06 +0200

From: Prasadh Nanjundan <p...@ubiqube.com<mailto:p...@ubiqube.com>>

To: 
"openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>"

               
<openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>>

Subject: Re: [Openvas-discuss] openvasmd rebuild issue

Message-ID:

               
<558404461fb4f343ae569bbae753003901ae71d90...@vanuatu.ubiqube.com<mailto:558404461fb4f343ae569bbae753003901ae71d90...@vanuatu.ubiqube.com>>

Content-Type: text/plain; charset="us-ascii"



Hello,



       I came to know below error is because  previous nasl script nvti  had 
line breaks in  either tag_summary or tag_insight.



Tags=cvss_base=0.0|cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|detection=remote 
probe|last_modification=$Date: 2015-01-23 10:37:28 +0100 (Fri, 23 Jan 2015) 
$|creation_date=2014-11-11 10:04:39 +0100 (Tue, 11 Nov 2014)|summary=The script 
sends a connection\nrequest to the server and attempts to extract the version 
number\nfrom the reply.



This problem is with new 2105 plugins updated from nvt sync.



   Any idea, how to avoid this.  Thanks in advance for your help.





Thanks

Prasadh.



From: Prasadh Nanjundan

Sent: Thursday, September 03, 2015 12:18 PM

To: 'openvas-discuss@wald.intevation.org'

Subject: openvasmd rebuild issue



Hello,



       I am running recommend openvas version in Centos 5.7.   My sqlite 
version is sqlite-3.7.0.1-1.el5.art



[cid:image001.png@01D0E686.8F92E7C0]



I am having trouble in rebuilding the openvasmd.  When I tried to rebuild in 
debug mode, below is the error.   When I check the nasl script file for the OID 
63730,  we don't have any message like below, I don't know where this message 
come from and why,    any help much appreciated.  Thanks in advance



md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    sql: INSERT into nvts 
(oid, version, name, summary, description, copyright, cve, bid, xref, tag, 
sign_key_ids, category, family, cvss_base, risk_factor) VALUES ('A security 
problem which may lead to unauthorized machine access

or code execution has been fixed by upgrading to rsync-2.5.7.

This problem only affects machines running rsync in daemon mode, and is easier 
to exploit if the non-default option 'use chroot = no'

is used in the /etc/rsyncd.conf config file.



Any sites running an rsync server should upgrade immediately.



For complete information, see the rsync home page:



http://rsync.samba.org|summary=The remote host is missing an update as 
announced via advisory SSA:2003-337-01.|qod_type=package|solution_type=VendorFix

1.3.6.1.4.1.25623.1.0.63730', '$Revision: 15 $', 'Debian Security Advisory DSA 
1758-1 (nss-ldapd)', 'Debian Security Advisory DSA 1758-1 (nss-ldapd)', '

Summary:

The remote host is missing an update to nss-ldapd announced via advisory DSA 
1758-1.

Vulnerability Insight:

Leigh James that discovered that nss-ldapd, an NSS module for using LDAP as a 
naming service, by default creates the configuration file /etc/nss-ldapd.conf 
world-readable which could leak the configured LDAP password if one is used for 
connecting to the LDAP server.



The old stable distribution (etch) doesn''t contain nss-ldapd.



For the stable distribution (lenny) this problem has been fixed in version 
0.6.7.1.



For the unstable distribution (sid) this problem has been fixed in version 
0.6.8.



We recommend that you upgrade your nss-ldapd package.

Solution:

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201758-1', 
'Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com', 'CVE-2009-1073', 
'NOBID', 'NOXREF', 'check_type=authenticated package 
test|last_modification=$Date: 2013-10-27 13:49:54 +0100 (Sun, 27 Oct 2013) 
$|creation_date=2009-04-06 20:58:11 +0200 (Mon, 06 Apr 
2009)|cvss_base_vector=AV:L/AC:L/Au:N/C:C/I:N/A:N', '48479FF648DB4530', 3, 
'Debian Local Security Checks', '4.9', 'Medium');



md   main:WARNING:2015-09-03 06h02.57 utc :16961: sql: sqlite3_prepare failed: 
near "use": syntax error



md   main:CRITICAL:2015-09-03 06h02.57 utc :16961: handle_sigabrt: abort



md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    Cleaning up.



md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    Exiting.





Thanks



Prasadh



-----------------------------------------------------------------

Prasadh Nanjundan

Software Engineer

Tel : 080-42613061

UBIqube Solutions :  Agile Management Framework 
www.ubiqube.com<http://www.ubiqube.com/<http://www.ubiqube.com%3chttp:/www.ubiqube.com/>>
 http://y2u.be/Nq3-ERkir5M



Confidentiality: This communication is intended for the above-named person and 
may be confidential and/or legally privileged. If it has come to you in error 
you must take no action based on it, nor must you copy or show it to anyone; 
please delete/destroy and inform the sender immediately





-------------- next part --------------

An HTML attachment was scrubbed...

URL: 
<http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150903/0f218336/attachment-0001.html>

-------------- next part --------------

A non-text attachment was scrubbed...

Name: image001.png

Type: image/png

Size: 4263 bytes

Desc: image001.png

URL: 
<http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150903/0f218336/attachment-0001.png>



------------------------------



Message: 2

Date: Thu, 3 Sep 2015 18:39:58 +0200

From: Chris <fisch....@gmx.de<mailto:fisch....@gmx.de>>

To: 
openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>

Subject: Re: [Openvas-discuss] openvasmd rebuild issue

Message-ID: <55e877de.3030...@gmx.de<mailto:55e877de.3030...@gmx.de>>

Content-Type: text/plain; charset=windows-1252



Hi,



no issue here running sqlite3 3.8.7.1 from Debian Jessie.



> I am running recommend openvas version in Centos 5.7.   My sqlite

> version is sqlite-3.7.0.1-1.el5.art



The first thing probably would be to test this with a newer CentOS release 
providing an current version of sqlite3.





------------------------------



Message: 3

Date: Thu, 3 Sep 2015 20:46:50 +0300

From: Eero Volotinen <eero.voloti...@iki.fi<mailto:eero.voloti...@iki.fi>>

To: Prasadh Nanjundan <p...@ubiqube.com<mailto:p...@ubiqube.com>>

Cc: 
openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>

Subject: Re: [Openvas-discuss] openvasmd rebuild issue

Message-ID:

               
<cabzzrxd9iz16pcqsmv-j-dcoxnrapjr0cosfp-y7trmycf1...@mail.gmail.com<mailto:cabzzrxd9iz16pcqsmv-j-dcoxnrapjr0cosfp-y7trmycf1...@mail.gmail.com>>

Content-Type: text/plain; charset="utf-8"



Please install centos 7 and latest stable version of openvas (8).



Eero

3.9.2015 6.44 ip. "Prasadh Nanjundan" 
<p...@ubiqube.com<mailto:p...@ubiqube.com>> kirjoitti:



> Hello,

>

>

>

>        I came to know below error is because  previous nasl script

> nvti  had line breaks in  either tag_summary or tag_insight.

>

>

>

> Tags=cvss_base=0.0|cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|detecti

> on=remote

> probe|last_modification=$Date: 2015-01-23 10:37:28 +0100 (Fri, 23 Jan

> probe|2015)

> $|creation_date=2014-11-11 10:04:39 +0100 (Tue, 11 Nov

> 2014)|summary=The script sends a connection*\n*request to the server

> and attempts to extract the version number*\n*from the reply.

>

>

>

> This problem is with new 2105 plugins updated from nvt sync.

>

>

>

>    Any idea, how to avoid this.  Thanks in advance for your help.

>

>

>

>

>

> Thanks

>

> Prasadh.

>

>

>

> *From:* Prasadh Nanjundan

> *Sent:* Thursday, September 03, 2015 12:18 PM

> *To:* 'openvas-discuss@wald.intevation.org'

> *Subject:* openvasmd rebuild issue

>

>

>

> Hello,

>

>

>

>        I am running recommend openvas version in Centos 5.7.   My sqlite

> version is sqlite-3.7.0.1-1.el5.art

>

>

>

>

>

> I am having trouble in rebuilding the openvasmd.  When I tried to rebuild

> in debug mode, below is the error.   When I check the nasl script file for

> the OID *63730,  *we don?t have any message like below, I don?t know

> where this message come from and why,    any help much appreciated.  Thanks

> in advance

>

>

>

> *md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    sql: INSERT into

> nvts (oid, version, name, summary, description, copyright, cve, bid,

> xref, tag, sign_key_ids, category, family, cvss_base, risk_factor)

> VALUES ('A security problem which may lead to unauthorized machine

> access*

>

> *or code execution has been fixed by upgrading to rsync-2.5.7.*

>

> *This problem only affects machines running rsync in daemon mode,*

>

> *and is easier to exploit if the non-default option 'use chroot = no'*

>

> *is used in the /etc/rsyncd.conf config file.*

>

>

>

> *Any sites running an rsync server should upgrade immediately.*

>

>

>

> *For complete information, see the rsync home page:*

>

>

>

> *http://rsync.samba.org|summary=The remote host is missing an update

> as

> announced*

>

> *via advisory

> SSA:2003-337-01.|qod_type=package|solution_type=VendorFix*

>

> *1.3.6.1.4.1.25623.1.0.63730', '$Revision: 15 $', 'Debian Security

> Advisory DSA 1758-1 (nss-ldapd)', 'Debian Security Advisory DSA 1758-1

> (nss-ldapd)', '*

>

> *Summary:*

>

> *The remote host is missing an update to nss-ldapd*

>

> *announced via advisory DSA 1758-1.*

>

> *Vulnerability Insight:*

>

> *Leigh James that discovered that nss-ldapd, an NSS module for using*

>

> *LDAP as a naming service, by default creates the configuration file*

>

> */etc/nss-ldapd.conf world-readable which could leak the configured*

>

> *LDAP password if one is used for connecting to the LDAP server.*

>

>

>

> *The old stable distribution (etch) doesn''t contain nss-ldapd.*

>

>

>

> *For the stable distribution (lenny) this problem has been fixed in*

>

> *version 0.6.7.1.*

>

>

>

> *For the unstable distribution (sid) this problem has been fixed in*

>

> *version 0.6.8.*

>

>

>

> *We recommend that you upgrade your nss-ldapd package.*

>

> *Solution:*

>

> *https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201758-

> 1

> <https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201758-

> 1>', 'Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

> <http://www.securityspace.com>', 'CVE-2009-1073', 'NOBID', 'NOXREF',

> 'check_type=authenticated package test|last_modification=$Date:

> 2013-10-27

> 13:49:54 +0100 (Sun, 27 Oct 2013) $|creation_date=2009-04-06 20:58:11

> +0200 (Mon, 06 Apr 2009)|cvss_base_vector=AV:L/AC:L/Au:N/C:C/I:N/A:N',

> '48479FF648DB4530', 3, 'Debian Local Security Checks', '4.9',

> 'Medium');*

>

>

>

> *md   main:WARNING:2015-09-03 06h02.57 utc :16961: sql: sqlite3_prepare

> failed: near "use": syntax error*

>

>

>

> *md   main:CRITICAL:2015-09-03 06h02.57 utc :16961: handle_sigabrt: abort*

>

>

>

> *md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    Cleaning up.*

>

>

>

> *md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    Exiting.*

>

>

>

>

>

> Thanks

>

>

>

> Prasadh

>

>

>

> -----------------------------------------------------------------

>

> *Prasadh Nanjundan*Software Engineer

>

> Tel : 080-42613061

> UBIqube Solutions :  *Agile Management Framework*

>

> www.ubiqube.com<http://www.ubiqube.com> http://y2u.be/Nq3-ERkir5M

>

>

>

> *Confidentiality*: This communication is intended for the above-named

> person and may be confidential and/or legally privileged. If it has

> come to you in error you must take no action based on it, nor must you

> copy or show it to anyone; please delete/destroy and inform the sender

> immediately

>

>

>

>

>

> _______________________________________________

> Openvas-discuss mailing list

> Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.org>

> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-dis

> cuss

>

-------------- next part --------------

An HTML attachment was scrubbed...

URL: 
<http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150903/a3d53eb6/attachment-0001.html>

-------------- next part --------------

A non-text attachment was scrubbed...

Name: image001.png

Type: image/png

Size: 4263 bytes

Desc: not available

URL: 
<http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150903/a3d53eb6/attachment-0001.png>



------------------------------



Message: 4

Date: Fri, 4 Sep 2015 09:32:06 +0200

From: Prasadh Nanjundan <p...@ubiqube.com<mailto:p...@ubiqube.com>>

To: Eero Volotinen <eero.voloti...@iki.fi<mailto:eero.voloti...@iki.fi>>

Cc: 
"openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>"

               
<openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>>

Subject: Re: [Openvas-discuss] openvasmd rebuild issue

Message-ID:

               
<558404461fb4f343ae569bbae753003901ae71d90...@vanuatu.ubiqube.com<mailto:558404461fb4f343ae569bbae753003901ae71d90...@vanuatu.ubiqube.com>>

Content-Type: text/plain; charset="utf-8"



Hello Eero,



        Thanks a lot for your prompt response.



I am in situation that I can?t upgrade to Centos 7 now, because we have many 
application running on the same platform 32 bit.



If I remove all new plugins, openvasmd rebuilds fine. But it doesn?t make sense 
to run scan without new plugins.



I just want check is there any quick workaround to avoid this rebuild issue. 
Thanks again for the help.







Thanks

Prasadh.



From: eero.t.voloti...@gmail.com<mailto:eero.t.voloti...@gmail.com> 
[mailto:eero.t.voloti...@gmail.com] On Behalf Of Eero Volotinen

Sent: Thursday, September 03, 2015 11:17 PM

To: Prasadh Nanjundan

Cc: 
openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>

Subject: Re: [Openvas-discuss] openvasmd rebuild issue





Please install centos 7 and latest stable version of openvas (8).



Eero

3.9.2015 6.44 ip. "Prasadh Nanjundan" 
<p...@ubiqube.com<mailto:p...@ubiqube.com<mailto:p...@ubiqube.com%3cmailto:p...@ubiqube.com>>>
 kirjoitti:

Hello,



       I came to know below error is because  previous nasl script nvti  had 
line breaks in  either tag_summary or tag_insight.



Tags=cvss_base=0.0|cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|detection=remote 
probe|last_modification=$Date: 2015-01-23 10:37:28 +0100 (Fri, 23 Jan 2015) 
$|creation_date=2014-11-11 10:04:39 +0100 (Tue, 11 Nov 2014)|summary=The script 
sends a connection\nrequest to the server and attempts to extract the version 
number\nfrom the reply.



This problem is with new 2105 plugins updated from nvt sync.



   Any idea, how to avoid this.  Thanks in advance for your help.





Thanks

Prasadh.



From: Prasadh Nanjundan

Sent: Thursday, September 03, 2015 12:18 PM

To: 
'openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>'

Subject: openvasmd rebuild issue



Hello,



       I am running recommend openvas version in Centos 5.7.   My sqlite 
version is sqlite-3.7.0.1-1.el5.art



[cid:image001.png@01D0E706.E31EA200]



I am having trouble in rebuilding the openvasmd.  When I tried to rebuild in 
debug mode, below is the error.   When I check the nasl script file for the OID 
63730,  we don?t have any message like below, I don?t know where this message 
come from and why,    any help much appreciated.  Thanks in advance



md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    sql: INSERT into nvts 
(oid, version, name, summary, description, copyright, cve, bid, xref, tag, 
sign_key_ids, category, family, cvss_base, risk_factor) VALUES ('A security 
problem which may lead to unauthorized machine access

or code execution has been fixed by upgrading to rsync-2.5.7.

This problem only affects machines running rsync in daemon mode, and is easier 
to exploit if the non-default option 'use chroot = no'

is used in the /etc/rsyncd.conf config file.



Any sites running an rsync server should upgrade immediately.



For complete information, see the rsync home page:



http://rsync.samba.org|summary=The remote host is missing an update as 
announced via advisory SSA:2003-337-01.|qod_type=package|solution_type=VendorFix

1.3.6.1.4.1.25623.1.0.63730', '$Revision: 15 $', 'Debian Security Advisory DSA 
1758-1 (nss-ldapd)', 'Debian Security Advisory DSA 1758-1 (nss-ldapd)', '

Summary:

The remote host is missing an update to nss-ldapd announced via advisory DSA 
1758-1.

Vulnerability Insight:

Leigh James that discovered that nss-ldapd, an NSS module for using LDAP as a 
naming service, by default creates the configuration file /etc/nss-ldapd.conf 
world-readable which could leak the configured LDAP password if one is used for 
connecting to the LDAP server.



The old stable distribution (etch) doesn''t contain nss-ldapd.



For the stable distribution (lenny) this problem has been fixed in version 
0.6.7.1.



For the unstable distribution (sid) this problem has been fixed in version 
0.6.8.



We recommend that you upgrade your nss-ldapd package.

Solution:

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201758-1', 
'Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com', 'CVE-2009-1073', 
'NOBID', 'NOXREF', 'check_type=authenticated package 
test|last_modification=$Date: 2013-10-27 13:49:54 +0100 (Sun, 27 Oct 2013) 
$|creation_date=2009-04-06 20:58:11 +0200 (Mon, 06 Apr 
2009)|cvss_base_vector=AV:L/AC:L/Au:N/C:C/I:N/A:N', '48479FF648DB4530', 3, 
'Debian Local Security Checks', '4.9', 'Medium');



md   main:WARNING:2015-09-03 06h02.57 utc :16961: sql: sqlite3_prepare failed: 
near "use": syntax error



md   main:CRITICAL:2015-09-03 06h02.57 utc :16961: handle_sigabrt: abort



md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    Cleaning up.



md   main:  DEBUG:2015-09-03 06h02.57 utc :16961:    Exiting.





Thanks



Prasadh



-----------------------------------------------------------------

Prasadh Nanjundan

Software Engineer

Tel : 080-42613061

UBIqube Solutions :  Agile Management Framework 
www.ubiqube.com<http://www.ubiqube.com/<http://www.ubiqube.com%3chttp:/www.ubiqube.com/>>
 http://y2u.be/Nq3-ERkir5M



Confidentiality: This communication is intended for the above-named person and 
may be confidential and/or legally privileged. If it has come to you in error 
you must take no action based on it, nor must you copy or show it to anyone; 
please delete/destroy and inform the sender immediately







_______________________________________________

Openvas-discuss mailing list

Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.org%3cmailto:Openvas-discuss@wald.intevation.org>>

https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

-------------- next part --------------

An HTML attachment was scrubbed...

URL: 
<http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150904/5ca987ef/attachment-0001.html>

-------------- next part --------------

A non-text attachment was scrubbed...

Name: image001.png

Type: image/png

Size: 4263 bytes

Desc: image001.png

URL: 
<http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150904/5ca987ef/attachment-0001.png>



------------------------------



Message: 5

Date: Fri, 4 Sep 2015 13:20:53 +0530

From: Antu Sanadi <sa...@secpod.com<mailto:sa...@secpod.com>>

To: 
openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>

Subject: Re: [Openvas-discuss] openvasmd rebuild issue

Message-ID: <55e94d5d.9090...@secpod.com<mailto:55e94d5d.9090...@secpod.com>>

Content-Type: text/plain; charset="windows-1252"; Format="flowed"



Hi,



Try try,  openvasmd  --rebuild --listen 127.0.0.1 --progress



you can see here status of rebuild, (Rebuilding NVT cache... ) try 2 ore

3 times till it's get done.



Even if did  not work , Please let us know.



Thanks,

Antu Sanadi











On Friday 04 September 2015 01:02 PM, Prasadh Nanjundan wrote:

>

> Hello Eero,

>

> Thanks a lot for your prompt response.

>

> I am in situation that I can?t upgrade to Centos 7 now, because we

> have many application running on the same platform 32 bit.

>

> If I remove all new plugins, openvasmd rebuilds fine. But it doesn?t

> make sense to run scan without new plugins.

>

> I just want check is there any quick workaround to avoid this rebuild

> issue. Thanks again for the help.

>

> Thanks

>

> Prasadh.

>

> *From:*eero.t.voloti...@gmail.com [mailto:eero.t.voloti...@gmail.com]

> *On Behalf Of *Eero Volotinen

> *Sent:* Thursday, September 03, 2015 11:17 PM

> *To:* Prasadh Nanjundan

> *Cc:* 
> openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>

> *Subject:* Re: [Openvas-discuss] openvasmd rebuild issue

>

> Please install centos 7 and latest stable version of openvas (8).

>

> Eero

>

> 3.9.2015 6.44 ip. "Prasadh Nanjundan" <p...@ubiqube.com

> <mailto:p...@ubiqube.com>> kirjoitti:

>

> Hello,

>

>        I came to know below error is because  previous nasl script

> nvti  had line breaks in  either tag_summary or tag_insight.

>

> Tags=cvss_base=0.0|cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|detecti

> on=remote

> probe|last_modification=$Date: 2015-01-23 10:37:28 +0100 (Fri, 23 Jan

> 2015) $|creation_date=2014-11-11 10:04:39 +0100 (Tue, 11 Nov

> 2014)|summary=The script sends a connection*\n*request to the server

> and attempts to extract the version number*\n*from the reply.

>

> This problem is with new 2105 plugins updated from nvt sync.

>

>    Any idea, how to avoid this. Thanks in advance for your help.

>

> Thanks

>

> Prasadh.

>

> *From:*Prasadh Nanjundan

> *Sent:* Thursday, September 03, 2015 12:18 PM

> *To:* 'openvas-discuss@wald.intevation.org

> <mailto:openvas-discuss@wald.intevation.org>'

> *Subject:* openvasmd rebuild issue

>

> Hello,

>

> I am running recommend openvas version in Centos 5.7. My sqlite

> version is sqlite-3.7.0.1-1.el5.art

>

> I am having trouble in rebuilding the openvasmd.  When I tried to

> rebuild in debug mode, below is the error.   When I check the nasl

> script file for the OID *63730, *we don?t have any message like below,

> I don?t know where this message come from and why,    any help much

> appreciated.  Thanks in advance

>

> *md main:  DEBUG:2015-09-03 06h02.57 utc :16961:    sql: INSERT into

> nvts (oid, version, name, summary, description, copyright, cve, bid,

> xref, tag, sign_key_ids, category, family, cvss_base, risk_factor)

> VALUES ('A security problem which may lead to unauthorized machine

> access*

>

> *or code execution has been fixed by upgrading to rsync-2.5.7.*

>

> *This problem only affects machines running rsync in daemon mode,*

>

> *and is easier to exploit if the non-default option 'use chroot = no'*

>

> *is used in the /etc/rsyncd.conf config file.*

>

> **

>

> *Any sites running an rsync server should upgrade immediately.*

>

> **

>

> *For complete information, see the rsync home page:*

>

> **

>

> *http://rsync.samba.org|summary=The

> <http://rsync.samba.org%7Csummary=The> remote host is missing an

> update as announced*

>

> *via advisory

> SSA:2003-337-01.|qod_type=package|solution_type=VendorFix*

>

> *1.3.6.1.4.1.25623.1.0.63730', '$Revision: 15 $', 'Debian Security

> Advisory DSA 1758-1 (nss-ldapd)', 'Debian Security Advisory DSA 1758-1

> (nss-ldapd)', '*

>

> *Summary:*

>

> *The remote host is missing an update to nss-ldapd*

>

> *announced via advisory DSA 1758-1.*

>

> *Vulnerability Insight:*

>

> *Leigh James that discovered that nss-ldapd, an NSS module for using*

>

> *LDAP as a naming service, by default creates the configuration file*

>

> */etc/nss-ldapd.conf world-readable which could leak the configured*

>

> *LDAP password if one is used for connecting to the LDAP server.*

>

> **

>

> *The old stable distribution (etch) doesn''t contain nss-ldapd.*

>

> **

>

> *For the stable distribution (lenny) this problem has been fixed in*

>

> *version 0.6.7.1.*

>

> **

>

> *For the unstable distribution (sid) this problem has been fixed in*

>

> *version 0.6.8.*

>

> **

>

> *We recommend that you upgrade your nss-ldapd package.*

>

> *Solution:*

>

> *https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201758-

> 1', 'Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com',

> 'CVE-2009-1073', 'NOBID', 'NOXREF', 'check_type=authenticated package

> test|last_modification=$Date: 2013-10-27 13:49:54 +0100 (Sun, 27 Oct

> 2013) $|creation_date=2009-04-06 20:58:11 +0200 (Mon, 06 Apr

> 2009)|cvss_base_vector=AV:L/AC:L/Au:N/C:C/I:N/A:N',

> '48479FF648DB4530', 3, 'Debian Local Security Checks', '4.9',

> 'Medium');*

>

> **

>

> *md main:WARNING:2015-09-03 06h02.57 utc :16961: sql: sqlite3_prepare

> failed: near "use": syntax error*

>

> **

>

> *md main:CRITICAL:2015-09-03 06h02.57 utc :16961: handle_sigabrt:

> abort*

>

> **

>

> *md main:  DEBUG:2015-09-03 06h02.57 utc :16961: Cleaning up.*

>

> **

>

> *md main:  DEBUG:2015-09-03 06h02.57 utc :16961: Exiting.*

>

> Thanks

>

> Prasadh

>

> -----------------------------------------------------------------

> *Prasadh Nanjundan

> *Software Engineer

>

> Tel : 080-42613061

> UBIqube Solutions : /Agile Management Framework/

>

> www.ubiqube.com<http://www.ubiqube.com> 
> <http://www.ubiqube.com/>http://y2u.be/Nq3-ERkir5M

>

> *Confidentiality*: This communication is intended for the above-named

> person and may be confidential and/or legally privileged. If it has

> come to you in error you must take no action based on it, nor must you

> copy or show it to anyone; please delete/destroy and inform the sender

> immediately

>

>

> _______________________________________________

> Openvas-discuss mailing list

> Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.org>

> <mailto:Openvas-discuss@wald.intevation.org>

> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-dis

> cuss

>

>

>

> _______________________________________________

> Openvas-discuss mailing list

> Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.org>

> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-dis

> cuss





--

Saner Personal

A free vulnerability mitigation

software. Build strong defense.

http://www.secpod.com/saner-personal.html



-------------- next part --------------

An HTML attachment was scrubbed...

URL: 
<http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150904/61cec419/attachment-0001.html>

-------------- next part --------------

A non-text attachment was scrubbed...

Name: not available

Type: image/png

Size: 4263 bytes

Desc: not available

URL: 
<http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150904/61cec419/attachment-0001.png>



------------------------------



Subject: Digest Footer



_______________________________________________

Openvas-discuss mailing list

Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.org>

https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



------------------------------



End of Openvas-discuss Digest, Vol 104, Issue 3

***********************************************

_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss