Hi Kevin,
I feel your pain. Version numbers actually change on Redhat and CentOS, but
they do not match the upstream versions. Myself ended up creating 100s of
overrides per host. For old CVEs which I'm sure got fixed, I do a global
override.
Once I had checked and created an override for all
trying to test the whether or not credentialed scans would affect the
CentOS issue I am having (as mentioned in the other thread), I have also
run into this. I don't often do credential scans, but when I do, they are
passphrase-protected keys. These worked previously, but they are failing
now.
That didn't work. First there wasn't a key_om.pem or cert_om.pem file in
there, there was an admin_key.pem and an admin_cert.pem file. I copied
those, successfully. Still didn't launch.
Attached is my log file.
How can I save the scheduled jobs and the tasks?
Randy Dover
*** Kevin T. Neely wrote:
As a result, I am running into an increasing number of false positives when
scanning CentOS systems
What kind of false positives? Please give some examples...
Micha
--
Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6
http://www.greenbone.net/
Hi Randy,
How can I start the OMP service?
How can I start the OpenVAS Manager?
OMP is part of the OpenVAS manager. The log file might tell you the
reason.
How can I see the OpenVAS Manager log file?
Depending on your installation, it's most likely /var/log/openvas/openvasmd.log
or
Are these authenticated or unauthenticated scans?
On Thu, Feb 5, 2015 at 12:22 PM, Kevin T. Neely ktne...@astroturfgarden.com
wrote:
Michael,
Pretty much any check that uses presented banner information on RedHat or
CentOS will trigger this. The one I was specifically looking at yesterday
Am 05.02.2015 um 19:22 schrieb Kevin T. Neely:
Pretty much any check that uses presented banner information on RedHat
or CentOS will trigger this. The one I was specifically looking at
yesterday is PHP version 5.3 5.3.6 (OID: 1.3.6.1.4.1.25623.1.0.110013)
which lists a large number of CVEs
We like to keep things interesting!
On Thu, Feb 5, 2015 at 10:31 AM, Reindl Harald h.rei...@thelounge.net
wrote:
Am 05.02.2015 um 19:22 schrieb Kevin T. Neely:
Pretty much any check that uses presented banner information on RedHat
or CentOS will trigger this. The one I was specifically
Michael,
Pretty much any check that uses presented banner information on RedHat or
CentOS will trigger this. The one I was specifically looking at yesterday
is PHP version 5.3 5.3.6 (OID: 1.3.6.1.4.1.25623.1.0.110013) which lists
a large number of CVEs from 2011, but we have applied the latest
Are these false positives still present when performing authenticated
scans? Or are you unable to do authenticated patch scans for
technical/political reasons?
On Thu, Feb 5, 2015 at 12:26 PM, Kevin T. Neely ktne...@astroturfgarden.com
wrote:
These are unauthenticated scans.
On Thu, Feb 5,
10 matches
Mail list logo
