Re: [Openvas-discuss] Openvas scanner won't start

Hi, I know they read the list. Sometimes it takes some time, but they read it. Best regards Christian Ebert Chief Security Analyst, CISM, T.I.S.P. Head of Penetration Testing QSC AG Mathias-Brüggen-Straße 55 50829 Köln T +49 221 669-8950 F +49 221 669-85950 M +49

Re: [Openvas-discuss] Keep report after deleting task

Hi everyone, we had a similar problem: We had to modify the port list of *many* targets without loosing the results oft he previous scans. Our solution works as follows (OpenVAS 8): - Make sure, all task are created as „alterable“ - Create a dummy target - Modify

Re: [Openvas-discuss] nic definition blanked for all tasks if undefined in Web UI dialog for a single NEW task during creation

mation would be very valuable too because it could give some hints if it is a general bug or if it only happens in some configuration. Many thanks in advance! > On 09.06.2017 10:33, Ebert, Christian wrote: > Hi everyone, > > we experienced exactly the same problem here. It ha

[Openvas-discuss] XML error when exporting CPE definitions

Hi everyone, We use OpenVAS 8 with Debian 9. I try to export the CPE definitions to xml using the statement: omp --username=$ADM --password=$ADMPW -iX "" Basically it works fine. I get a XML output with the CPE definitions. But: (Part of the XML-Result)

Re: [Openvas-discuss] nic definition blanked for all tasks if undefined in Web UI dialog for a single NEW task during creation

Hi everyone, we experienced exactly the same problem here. It happens in OpenVAS 8 (Debian8, Debian 9) as well as in OpenVAS 9 (Kali rolling release). I did report that to this mailing list, but didn't get any response. Best regards Christian Ebert Chief Security Analyst, CISM, T.I.S.P. Head

[Openvas-discuss] Bug in Handling Network Source Interface

Hi everyone, we found a strange behaviour in OpenVAS 8 (under Debian 9 as well as under Kali) AND OpenVAS 9 (under Kali): 1) Use alterable tasks 2) For task A, define network source interface eth0 3) Create task B without network source interface 4) Look at task A,

Re: [Openvas-discuss] CVE-2017-5638

italisierung unter http://digitales-wirtschaftswunder.de<http://digitales-wirtschaftswunder.de/> Bitte finden Sie hier die handelsrechtlichen Pflichtangaben: http://www.qsc.de/pflichtangaben Von: Antu Sanadi [mailto:sa...@secpod.com] Gesendet: Freitag, 17. März 2017 13:05 An: Ebert, Chris

[Openvas-discuss] CVE-2017-5638

Hi everyone, is there any possibility to use OpenVAS to check against the Apache Struts2 vulnerability CVE-2017-5638? There is an NMAP NSE: https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html Does anybody have experience with this NSE? Is it reliable? Best regards Christian Ebert

[Openvas-discuss] CSV reports

Dear OpenVAS Developer, using the report format „CSV Results“ I found, that this report does NOT export the notes, the original CVSS and the override notes. Why not? Wouldn’t it be a good idea to export these data too? Best regards Christian Ebert Chief Security Analyst, CISM,

Re: [Openvas-discuss] Strange error extracting reports

rei...@thelounge.net>: > Am 20.02.2017 um 15:18 schrieb Ebert, Christian: > But with huge reports (the xml file is about 13 Mbytes) xmlstarlet crashes: > -:2.10003842: xmlSAX2Characters: huge text node: out of memory surely, forgt openvas with less then 3 GB RAM right

[Openvas-discuss] Strange error extracting reports

Hi, Using OpenVAS 8 under Debian 8/9, all patches applied. I try to export some reports using the built-in report format “CSV Results” omp --username=$USERNAME --password=$PASSWORD -iX "" >test.xml Now I extract the report for further base64-decoding using: xmlstarlet

Re: [Openvas-discuss] Error in exporting result "preload" Missing in HSTS Header to CSV Results

: [Openvas-discuss] Error in exporting result "preload" Missing in HSTS Header to CSV Results *** Ebert, Christian wrote: > 2)Substitute the " with ' in the NVT name Done in r4523 using ` as workaround for the moment. Micha -- Michael Meyer OpenPGP Key: 0xAF06

[Openvas-discuss] Error in exporting result "preload" Missing in HSTS Header to CSV Results

Hi, we found a problem in OpenVAS 8, when we tried to get a CSV Results report from a scan containing a result with: "preload" Missing in HSTS Header (OID: 1.3.6.1.4.1.25623.1.0.105878)

Re: [Openvas-discuss] Scans in slave-mode - permission problem?

dmins") in our team and we are not sure how to set the right permissions. Kind regards Christian Ebert Von: Thijs Stuurman [mailto:thijs.stuur...@internedservices.nl] Gesendet: Freitag, 4. November 2016 11:52 An: openvas-discuss@wald.intevation.org Cc: Ebert, Christian Betreff: RE: Scans in

[Openvas-discuss] Scans in slave-mode - permission problem?

Hi everybody! We have got some trouble with scans in slave-mode. We have two Debian 8.6 systems with OpenVAS 8.0 installed and want to scan some targets in slave mode. In preparation we added the slave system with user "master". Following situation: User A (role Admin) creates a target "T1"

Re: [Openvas-discuss] Custom report formats in openvas

[mailto:fabiogfernan...@gmail.com] Gesendet: Donnerstag, 13. Oktober 2016 18:13 An: Ebert, Christian Cc: openvas-discuss@wald.intevation.org Betreff: Re: [Openvas-discuss] Custom report formats in openvas I had some problems importing report formats too. Can you tell what is the report format you

[Openvas-discuss] Custom report formats in openvas

Hi everyone, did anybody manage to create and install custom report formats in OpenVAS 8.0? I'm completely lost. I followed the instructions in: https://svn.wald.intevation.org/svn/openvas/trunk/openvas-manager/doc/report-format-HOWTO and http://www.openvas.org/trusted-nvts.html The report