Well the only thing I see is the NVT timeout error, which seems to happen fairly often on many different NVTs. I have added "plugins_timeout = 1500" in /etc/openvas/openvassd.conf to raise the default timeout. I suppose it should fix the issue for new scans ?
Thanks -----Original Message----- From: Christian Fischer <[email protected]> To: [email protected] Subject: Re: [Openvas-discuss] NVT with error severity level Date: Tue, 24 Jan 2017 08:40:17 +0100 Hi, On 23.01.2017 19:12, [email protected] wrote: > Hello, > > I'm trying to get a list of hosts vulnerable to a particular NVT. In this case, 1.3.6.1.4.1.25623.1.0.100610 (JBoss Enterprise Application Platform Multiple Vulnerabilities). Looking at this particular NVT in GSA, and clicking on the "Show scan results for this NVT" menu, takes me to the list of hosts vulnerable to this NVT, as expected. > > However, on the listing, the vulnerability appears with a severity set to "Error" on all vulnerable hosts (see attached screenshot if it goes through), while on the NVT page detail, the severity score is set to 5.0 (Medium). I also notice that the location is set to "General/TCP", while I would expect here to see the application port (8080). Is this a bug or am I missing something ? And in that particular case, are the results reliable ? > > Thank you > > System Info: > openvas-manager-6.0.9-0kali1 > openvas-scanner-5.0.7-3 > > On Kali Linux Rolling. All packages up to date. an "Error" severity mostly means that e.g. the NVT timed out after a specific time or similar. You can get this information if you open the Reports page for that specific report where the error happened: http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#reports Then open the "Report: Error Messages" link as shown on the "Different views of the same report." image. Regards,
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
