View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0005797||Kali Linux||[All Projects] Tool Upgrade||public||2019-11-18 18:56||2020-05-27 17:04|
|Target Version||Fixed in Version|
|Summary||0005797: OpenVAS Vulnerability Assessment System|
|Description||OpenVAS, the FLOSS successor to nessus, is maintained since years ago by a developer group at "greenbone", and they also maintain a (or the?) community and a community version, e.g. a VM made from the source code of the community version.|
The OpenVAS Vulnerability Assessment System and the accompanying "greenbone security assistant" which are already in kali seem to be seriously out of sync with upstream.
I just installed Kali 2019.3 which upgraded itself quite naturally to 2019.4, but the OpenVAS/greenbone system is still 2 (!) major versions behind, if I read the data correctly.
Please integrate the current tool's versions available here: https://github.com/greenbone/
|Steps To Reproduce||Install kali 2019.3 and apt dist-upgrade to 2019.4, then use the tool and check the versions against the current community edition.|
|Additional Information||There are different and also improved tools which should be in kali, and they all have some version and are under developtment with a clean schedule, but for instance openvas-scanner my current kali rolling release 2019.4 is 5.1.3-2, while the released current version at https://github.com/greenbone/openvas is 7.0.0!|
This might be useful to integrate new versions into kali rolling:
Beyond OpenVAS itself, I suppose it's a good idea to include the complete "GVM 11" release of the "Greenbone Source Edition (GSE)" into kali, as the "GVM" seems to be a renamed thing formerly known as "GSA", included in current kali 2019.4 as gsad (available on the CLI, that is, and used when starting OpenVAS in kali from the Applications menu).
As far as I can see, these tools look like extremely important tools for the whole pentesting ecosystem and greenbone seems to be very actively developing these tools.
This might also be useful: https://community.greenbone.net/t/which-gvm-variant-is-kali-shipping/2642
and this: https://community.greenbone.net/t/about-the-greenbone-source-edition-gse-category/176
The updated tutorial https://www.kali.org/tutorials/configuring-and-tuning-openvas-in-kali-linux/also from 2017 looks quite old now, 2 years seem like approaching eternity in InfoSec.
The community forum the upstream coordinates looks welcoming and helpful and might give advice if running into packaging difficulties.
The newer versions seem to have updated protocols and new facilities for easier integration of remote sensors.
The name changes might actually help in case you want to offer the "legacy" OpenVAS besides the newer, better tools without packaging conflicts and help people in transitioning custom scripts they might use.
||Thanks for your report. We started to work on the update.|
Note that an update of the manager database from GVM-9 (previously OpenVAS 9) currently shipped in Kali to the most recent version GVM-11 isn't directly possible:
and first need an intermediate step to GVM-10.
This might be interesting concerning the required GVM parts and their setup:
||Is there an estimate on when KALI is about to update its distribution to include the last version of the scanner?|
||When can we expect an update of the openvas scanner, the error has been there for some time now !|
> OpenVAS is packaged in the pkg-security team in Debian (we are involved in that team). Some OpenVAS components changed a lot and are hard to package properly. We don't have any ETA currently.
Do you have any predictions for GVM11 no kali? I'm having problems with openvas, all reports are returning this message that is attached.
High (CVSS: 10.0)
NVT: Report outdated / end-of-life Scan Engine / Environment (local)
This script checks and reports an outdated or end-of-life scan engine for the following environ-
- Greenbone Source Edition (GSE)
- Greenbone Community Edition (GCE)
. . . continues on next page . . .
2 RESULTS PER HOST 3
. . . continued from previous page . . .
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severity is reported to make
you aware of a possible decreased scan coverage or missing detection of vulnerabilities on the
target due to e.g.:
- missing functionalities
- missing bugxes
- incompatibilities within the feed.
Vulnerability Detection Result
Installed GVM Libraries (gvm-libs) version: 9.0.3
Latest available GVM Libraries (gvm-libs) version: 10.0.1
Reference URL(s) for the latest available version: https://community.greenbone.n
,!et/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbo
Solution type: VendorFix
Update to the latest available stable release for your scan environment. Please check the refer-
ences for more information. If you're using packages provided by your Linux distribution please
contact the maintainer of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missing detection of
vulnerabilities on the target you can set a global override for this script as described in the
Vulnerability Detection Method
Details: Report outdated / end-of-life Scan Engine / Environment (local)
Version used: 2020-05-12T05:51:55+0000
|2019-11-18 18:56||peerj||New Issue|
|2019-11-18 18:56||peerj||Status||new => assigned|
|2019-11-18 18:56||peerj||Assigned To||=> sbrun|
|2019-11-19 12:27||peerj||Note Added: 0011327|
|2019-11-19 13:04||peerj||Note Added: 0011328|
|2019-11-19 14:30||sbrun||Note Added: 0011330|
|2019-11-25 13:34||sbrun||Relationship added||has duplicate 0005755|
|2020-01-26 08:32||kali-bugreport||Note Added: 0011961|
|2020-05-23 11:59||pleontios||Note Added: 0012826|
|2020-05-24 19:18||rhertzog||Relationship added||has duplicate 0006405|
|2020-05-25 11:26||kennikvik||Note Added: 0012834|
|2020-05-25 12:10||kali-bugreport||Note Added: 0012835|
|2020-05-27 17:04||ghostpapper||Note Added: 0012844|