Re: [Openvas-discuss] XML error when exporting CPE definitions

[Michael . Eissele]

Dear Christian,

thank you for bringing this to our attention,
we are looking into this and have created an internal ticket.
Thank you very much.

Cheers, Michael.


On 09.06.2017 13:05, Ebert, Christian wrote:

Hi everyone,

We use OpenVAS 8 with Debian 9.

I try to export the CPE definitions to xml using the statement:

omp --username=$ADM --password=$ADMPW -iX ""

Basically it works fine. I get a XML output with the CPE definitions.

But:

(Part of the XML-Result)

  



  




cpe:/a:chialab_&_channelweb:bedita:3.0.1.2550_"betula"

When filling the , the ampersand and the quote inside the name
are escaped. But in  they are not.

So all XML tools fail, when trying to process this XML-file.

Fixing all these missing quotes with an editor helps.

Could somebody look at this, please?

Best regards

Christian Ebert

Chief Security Analyst, CISM, T.I.S.P.

Head of Penetration Testing

QSC AG

Mathias-Brüggen-Straße 55

50829 Köln

T +49 221 669-8950

F +49 221 669-85950

M +49 163 6698950

christian.eb...@qsc.de [1]

http://www.qsc.de [2]

Besuchen Sie auch unser Blog unter http://blog.qsc.de [3]

Bitte finden Sie hier die handelsrechtlichen Pflichtangaben:

http://www.qsc.de/pflichtangaben [4]



Links:
--
[1] http://webmail.dn-systems.net/christian.eb...@qsc.de
[2] http://www.qsc.de/
[3] http://blog.qsc.de/
[4] http://www.qsc.de/pflichtangaben

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SCAP / CERT Databases missing

[Michael . Eissele]

Dear Thijs,

sorry, i thought we was dealing with sqlite here.
No problem, maybe the issue will be gone with next update already,
as this should launch a rebuild for cert.db and hopefully getting it 
back

into a consistant state.


Cheers,
Michael.


On 09.06.2017 10:09, Thijs Stuurman wrote:

Michael,

Thank you for the reply and information.
I am however running a PostgreSQL backend.

Since everything else works and I don't see what I am missing really,
I am reluctant to mess with things at this moment.
I might give it a try later but looking at my schedule and vacaction
planning, I don't see much time for it in the coming weeks.


Thijs Stuurman
Security Operations Center | KPN Internedservices
thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com
T: +31(0)299476185 | M: +31(0)624366778
PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048

W: https://www.internedservices.nl | L: 
http://nl.linkedin.com/in/thijsstuurman



-Oorspronkelijk bericht-
Van: michael.eiss...@greenbone.net 
[mailto:michael.eiss...@greenbone.net]

Verzonden: donderdag 8 juni 2017 22:16
Aan: Thijs Stuurman 
CC: openvas-discuss@wald.intevation.org
Onderwerp: RE: [Openvas-discuss] SCAP / CERT Databases missing

Dear Thijs,

thank you for reaching back.
I am sorry for the missing field on WebGUI, i have currently no
OpenVAS installation at hand to try out.
We go an alternate way for this later.

Here is a guide, that covers the recreation of a clean CERT DB:


Please run the following commands as root user:

service openvas-manager stop
mkdir /var/lib/openvas/cert-data/bak
mv /var/lib/openvas/cert-data/cert.db /var/lib/openvas/cert-data/bak/
mv /var/lib/openvas/cert-data/timestamp*
/var/lib/openvas/cert-data/bak/ service openvas-manager start

Now we would need to trigger a Feedsync. By that, a new cert.db file
(and the timestamp files) will be created.
(please check with: ' ls -lah /var/lib/openvas/cert-data/cert.db ')

Please asure the feedsync has completed before taking next steps!

After the Feedsync has completed, please run the following commands,
preferable via copy&paste:

chmod 640 /var/lib/openvas/cert-data/cert.db
sqlite3 /var/lib/openvas/cert-data/cert.db 'PRAGMA journal_mode=WAL'

Now reboot the machine and see if the problem has solved.
If so, we would next go and remove the ../bak folder like this:

cd /var/lib/openvas/cert-data
rm -r bak

Explanation:
Withing this guide, we backup the current state, and remove the db
from it's original location.
The scanner will then think he has this db missing and therefore
creates a new one. This process is triggered by running a feedupdate.
With a newly created certs.db the problem should be gone.

Cheers,
Michael.



On 08.06.2017 10:52, Thijs Stuurman wrote:

Michael,

Outputs:

"""

~# ls -lah /opt/openvas/var/lib/openvas/cert-data/
/opt/openvas/var/lib/openvas/scap-data/

/opt/openvas/var/lib/openvas/cert-data/:

total 35M

drwxr-xr-x 2 root root 4.0K May 11 16:49 .

drwxr-xr-x 10 root root 4.0K May 10 10:12 ..

-rw-r--r-- 1 root root 1.4M Nov 29 2016 CB-K13.xml

-rw-r--r-- 1 root root 181 May 11 08:08 CB-K13.xml.asc

-rw-r--r-- 1 root root 4.6M Jan 25 09:59 CB-K14.xml

-rw-r--r-- 1 root root 181 May 11 08:08 CB-K14.xml.asc

-rw-r--r-- 1 root root 5.9M Jan 25 09:59 CB-K15.xml

-rw-r--r-- 1 root root 181 May 11 08:08 CB-K15.xml.asc

-rw-r--r-- 1 root root 7.9M Jan 25 09:59 CB-K16.xml

-rw-r--r-- 1 root root 181 May 11 08:08 CB-K16.xml.asc

-rw-r--r-- 1 root root 551K Jan 25 09:59 CB-K17.xml

-rw-r--r-- 1 root root 181 May 11 08:08 CB-K17.xml.asc

-rw-r--r-- 1 root root 25K May 11 16:49 cert.db

-rw-r--r-- 1 root root 1.1K Sep 20 2016 COPYING

-rw-r--r-- 1 root root 181 May 11 08:08 COPYING.asc

-rw-r--r-- 1 root root 3.0K Sep 20 2016 dfn-cert-2008.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2008.xml.asc

-rw-r--r-- 1 root root 662K Sep 20 2016 dfn-cert-2009.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2009.xml.asc

-rw-r--r-- 1 root root 1.4M Sep 20 2016 dfn-cert-2010.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2010.xml.asc

-rw-r--r-- 1 root root 1.6M Sep 20 2016 dfn-cert-2011.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2011.xml.asc

-rw-r--r-- 1 root root 1.7M Sep 20 2016 dfn-cert-2012.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2012.xml.asc

-rw-r--r-- 1 root root 1.6M Nov 7 2016 dfn-cert-2013.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2013.xml.asc

-rw-r--r-- 1 root root 1.5M Apr 13 08:53 dfn-cert-2014.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2014.xml.asc

-rw-r--r-- 1 root root 2.0M May 10 07:52 dfn-cert-2015.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2015.xml.asc

-rw-r--r-- 1 root root 2.6M May 11 08:08 dfn-cert-2016.xml

-rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2016.xml.asc

-rw-r--r-- 1 root root 1.1M May 11 08:08 dfn-cert-2017.xml

-rw-r--r

Re: [Openvas-discuss] cant run scheduled task

[Christian Fischer]

Hi,

On 09.06.2017 10:58, Eli Migdal - TowerWatch Solutions wrote:
> Hi,
> 
> What is the procedure to remove and reinstall while keeping the data safe?

CCing the openvas-discuss ML. Some one there might be able to answer
your question.

> Thank you
> 
> Eli Migdal -  TowerWatch Solutions - Sent from mobile

Regards,

> 
> From: Christian Fischer 
> Sent: 8 Jun 2017 23:30
> To: openvas-discuss@wald.intevation.org
> Subject: Re: [Openvas-discuss] cant run scheduled task
> 
> Hi,
> 
> On 07.06.2017 12:34, Eli Migdal - TowerWatch Solutions wrote:
>> Hello Everyone,
>>
>> I have OPENVAS9 on Kali,
>> And no matter what I try - I can't run a scheduled task, manual tasks works 
>> ok but not scheduled,
>>
>> This is the error I get:
>>
>> Any advice on how to fix ?
> 
> there was a user in IRC yesterday reporting that switching from the Kali
> builds to the Ubuntu 16.04 builds of:
> 
> https://launchpad.net/~mrazavi/+archive/ubuntu/openvas
> 
> fixed such issues.
> 
>> Getting this errors:
>> manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h28.21 utc:3841: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>> md manage:WARNING:2017-06-05 14h28.37 utc:3844: manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h28.37 utc:3844: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>> md manage:WARNING:2017-06-05 14h28.52 utc:3847: manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h28.52 utc:3847: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>> md manage:WARNING:2017-06-05 14h29.08 utc:3850: manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h29.08 utc:3850: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>> md manage:WARNING:2017-06-05 14h29.23 utc:3853: manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h29.23 utc:3853: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>> md manage:WARNING:2017-06-05 14h29.39 utc:3856: manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h29.39 utc:3856: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>> md manage:WARNING:2017-06-05 14h29.54 utc:3859: manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h29.54 utc:3859: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>> md manage:WARNING:2017-06-05 14h30.10 utc:3862: manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h30.10 utc:3862: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>> md manage:WARNING:2017-06-05 14h30.25 utc:3865: manage_schedule: child failed
>> md manage:WARNING:2017-06-05 14h30.25 utc:3865: reschedule_task: 
>> rescheduling task '06fa198f-d961-4691-8f73-15967cdfb3c2'
>>
>>
>>
>>
>> ___
>> Openvas-discuss mailing list
>> Openvas-discuss@wald.intevation.org
>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>>
> 
> --
> 
> Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
> Greenbone Networks GmbH | http://greenbone.net
> Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
> 

-- 

Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
Greenbone Networks GmbH | http://greenbone.net
Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Target MAC Address

[Turner,Jonas]

My guess would be a definite no.  is there a reason you wanted to scan the MAC 
over an IP address?

From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] On 
Behalf Of Brent Vertin
Sent: Friday, June 09, 2017 1:02 PM
To: openvas-discuss@wald.intevation.org
Subject: [Openvas-discuss] Target MAC Address

Will OpenVAS allow you to scan a target via MAC address instead of by IP 
address?

Thanks.
Brent

[https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]

Virus-free. 
www.avast.com




___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Target MAC Address

[Brent Vertin]

Will OpenVAS allow you to scan a target via MAC address instead of by IP
address?

Thanks.
Brent


Virus-free.
www.avast.com

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] XML error when exporting CPE definitions

[Ebert, Christian]

Hi everyone,

 

We use OpenVAS 8 with Debian 9.

 

I try to export the CPE definitions to xml using the statement:

 

omp --username=$ADM --password=$ADMPW -iX ""

 

Basically it works fine. I get a XML output with the CPE definitions.

 

But:

(Part of the XML-Result)

 

  



  



 
cpe:/a:chialab_&_channelweb:bedita:3.0.1.2550_"betula"

 

When filling the , the ampersand and the quote inside the name are
escaped. But in  they are not.

 

So all XML tools fail, when trying to process this XML-file.

 

Fixing all these missing quotes with an editor helps. 

 

Could somebody look at this, please?

 

Best regards

 

Christian Ebert

Chief Security Analyst, CISM, T.I.S.P.

Head of Penetration Testing

 

QSC AG

Mathias-Brüggen-Straße 55

50829 Köln

 

T   +49 221 669-8950

F   +49 221 669-85950

M   +49 163 6698950

christian.eb...@qsc.de

http://  www.qsc.de 

 

Besuchen Sie auch unser Blog unter   http://blog.qsc.de


Bitte finden Sie hier die handelsrechtlichen Pflichtangaben:

  http://www.qsc.de/pflichtangaben

 



smime.p7s
Description: S/MIME cryptographic signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] nic definition blanked for all tasks if undefined in Web UI dialog for a single NEW task during creation

[Ebert, Christian]

Hi everyone,

we experienced exactly the same problem here. It happens in OpenVAS 8 (Debian8, 
Debian 9) as well as in OpenVAS 9 (Kali rolling release).

I did report that to this mailing list, but didn't get any response.

Best regards

Christian Ebert
Chief Security Analyst, CISM, T.I.S.P.
Head of Penetration Testing
 
QSC AG
Mathias-Brüggen-Straße 55
50829 Köln
 
T  +49 221 669-8950
F  +49 221 669-85950
M  +49 163 6698950
christian.eb...@qsc.de
http://www.qsc.de 
 
Besuchen Sie unsere Blogs:
Corporate Blog unter http://blog.qsc.de 
Themen-Blog zur Digitalisierung unter http://digitales-wirtschaftswunder.de

 
Bitte finden Sie hier die handelsrechtlichen Pflichtangaben:
http://www.qsc.de/pflichtangaben
 

Am 09.06.2017 um 08:46 schrieb r.m6 :

Dear openVAS Community,

we are using an openVAS 8 installation (ubuntu 16.04 server) with
multiple scan interfaces (eth0, gre1, gre2) for vulnerability scanning.

Some tasks are configured for "Network Source Interface" (in the Web UI
"Edit Task" dialog) eth0, some others for gre

We have observed that if the field "Network Source Interface" is (by
accident) left blank when creating a new or editing an existing task,
openVAS resets ALL other existing tasks for all OTHER openVAS user
accounts on this openVAS instance to blank. This results in scanning
from eth0 (the default) for ALL existing tasks - which is extremely
annoying for scheduled tasks because the results are messed up, alerts
are sent (because of the changed scan score) and each user has to repair
each single task.

Did anyone else observe this behavior or - preferred :) - has a solution
for this problem?

Many thanks in advance!

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


smime.p7s
Description: S/MIME cryptographic signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SCAP / CERT Databases missing

[Thijs Stuurman]

Michael,

Thank you for the reply and information.
I am however running a PostgreSQL backend.

Since everything else works and I don't see what I am missing really, I am 
reluctant to mess with things at this moment.
I might give it a try later but looking at my schedule and vacaction planning, 
I don't see much time for it in the coming weeks.


Thijs Stuurman
Security Operations Center | KPN Internedservices
thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com
T: +31(0)299476185 | M: +31(0)624366778
PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048

W: https://www.internedservices.nl | L: http://nl.linkedin.com/in/thijsstuurman


-Oorspronkelijk bericht-
Van: michael.eiss...@greenbone.net [mailto:michael.eiss...@greenbone.net] 
Verzonden: donderdag 8 juni 2017 22:16
Aan: Thijs Stuurman 
CC: openvas-discuss@wald.intevation.org
Onderwerp: RE: [Openvas-discuss] SCAP / CERT Databases missing

Dear Thijs,

thank you for reaching back.
I am sorry for the missing field on WebGUI, i have currently no OpenVAS 
installation at hand to try out.
We go an alternate way for this later.

Here is a guide, that covers the recreation of a clean CERT DB:


Please run the following commands as root user:

service openvas-manager stop
mkdir /var/lib/openvas/cert-data/bak
mv /var/lib/openvas/cert-data/cert.db /var/lib/openvas/cert-data/bak/ mv 
/var/lib/openvas/cert-data/timestamp* /var/lib/openvas/cert-data/bak/ service 
openvas-manager start

Now we would need to trigger a Feedsync. By that, a new cert.db file (and the 
timestamp files) will be created.
(please check with: ' ls -lah /var/lib/openvas/cert-data/cert.db ')

Please asure the feedsync has completed before taking next steps!

After the Feedsync has completed, please run the following commands, preferable 
via copy&paste:

chmod 640 /var/lib/openvas/cert-data/cert.db
sqlite3 /var/lib/openvas/cert-data/cert.db 'PRAGMA journal_mode=WAL'

Now reboot the machine and see if the problem has solved.
If so, we would next go and remove the ../bak folder like this:

cd /var/lib/openvas/cert-data
rm -r bak

Explanation:
Withing this guide, we backup the current state, and remove the db from it's 
original location.
The scanner will then think he has this db missing and therefore creates a new 
one. This process is triggered by running a feedupdate. With a newly created 
certs.db the problem should be gone.

Cheers,
Michael.



On 08.06.2017 10:52, Thijs Stuurman wrote:
> Michael,
> 
> Outputs:
> 
> """
> 
> ~# ls -lah /opt/openvas/var/lib/openvas/cert-data/
> /opt/openvas/var/lib/openvas/scap-data/
> 
> /opt/openvas/var/lib/openvas/cert-data/:
> 
> total 35M
> 
> drwxr-xr-x 2 root root 4.0K May 11 16:49 .
> 
> drwxr-xr-x 10 root root 4.0K May 10 10:12 ..
> 
> -rw-r--r-- 1 root root 1.4M Nov 29 2016 CB-K13.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 CB-K13.xml.asc
> 
> -rw-r--r-- 1 root root 4.6M Jan 25 09:59 CB-K14.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 CB-K14.xml.asc
> 
> -rw-r--r-- 1 root root 5.9M Jan 25 09:59 CB-K15.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 CB-K15.xml.asc
> 
> -rw-r--r-- 1 root root 7.9M Jan 25 09:59 CB-K16.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 CB-K16.xml.asc
> 
> -rw-r--r-- 1 root root 551K Jan 25 09:59 CB-K17.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 CB-K17.xml.asc
> 
> -rw-r--r-- 1 root root 25K May 11 16:49 cert.db
> 
> -rw-r--r-- 1 root root 1.1K Sep 20 2016 COPYING
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 COPYING.asc
> 
> -rw-r--r-- 1 root root 3.0K Sep 20 2016 dfn-cert-2008.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2008.xml.asc
> 
> -rw-r--r-- 1 root root 662K Sep 20 2016 dfn-cert-2009.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2009.xml.asc
> 
> -rw-r--r-- 1 root root 1.4M Sep 20 2016 dfn-cert-2010.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2010.xml.asc
> 
> -rw-r--r-- 1 root root 1.6M Sep 20 2016 dfn-cert-2011.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2011.xml.asc
> 
> -rw-r--r-- 1 root root 1.7M Sep 20 2016 dfn-cert-2012.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2012.xml.asc
> 
> -rw-r--r-- 1 root root 1.6M Nov 7 2016 dfn-cert-2013.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2013.xml.asc
> 
> -rw-r--r-- 1 root root 1.5M Apr 13 08:53 dfn-cert-2014.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2014.xml.asc
> 
> -rw-r--r-- 1 root root 2.0M May 10 07:52 dfn-cert-2015.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2015.xml.asc
> 
> -rw-r--r-- 1 root root 2.6M May 11 08:08 dfn-cert-2016.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2016.xml.asc
> 
> -rw-r--r-- 1 root root 1.1M May 11 08:08 dfn-cert-2017.xml
> 
> -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2017.xml.asc
> 
> -rw-r--r-- 1 root root 2.0K May 11 08:08 sha1sums
> 
> -rw-r--r-- 1 

[Openvas-discuss] BUG?: check_omp - override switch not working as expected

[AM2]

Hi all,

I recently upgraded openvas from v8 to v9.
We monitor the scan results with check_omp from icinga/check_mk.
False positives are filtered via overrides by openvas.

Before the upgrade, check_omp showed the correct results, including the applied 
overrides.
After the upgrade the overrides are ignored and I get critical/warning alerts 
for most of our machines.

Example:
--
check_omp -H myopenvasserver --verbose --status --last-report --overrides=1 
--username=myuser --password=mypass --task=mytask --details
Will try to connect to host myopenvasserver, port 9390...
OMP CRITICAL: 7 vulnerabilities found - High: 1 Medium: 5 Low: 1
Report did contain 1 errors
|High=1 Medium=5 Low=1
GSM_Host: myopenvasserver:9390
OMP_User: myuser
Task: mytask
Command failed
--

The „--override=1“ switch seems to have no influence anymore. Additionally the 
command shows the infos “Report did contain 1 errors” and “command failed”. I 
have no idea what could be the report error and what failed exactly or how to 
debug that.
I installed openvas 9 twice from scratch, all default settings, fresh db, no 
imports, no migration, but same behavior.

Do I miss something obvious? Someone having the same problem or can confirm it 
as a bug (check_omp can be run locally, you don’t have to have icinga to do a 
test)?

If it is a bug, is this the right place to post or is there a better place?

System Infos:
-
Debian 8.8 Jessie
OpenVAS Manager 7.0.1 / Manager DB revision 184
OpenVAS Scanner 5.1.1
OMP Command Line Interface 1.4.5
Check-OMP Nagios Command Plugin 1.4.5

Kind Regards
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss