View Issue Details

IDProjectCategoryView StatusLast Update
0008800Kali LinuxTool Upgrade Requestpublic2024-07-04 13:49
ReporterMenbere Assigned Tosbrun  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Fixed in Version2024.3 
Summary0008800: Greenbone - Openvas - GVM - Report outdated / end-of-life Scan Engine
Description

From any scan report:

Severity: High (CVSS: 10.0)
NVT: Report outdated / end-of-life Scan Engine / Environment (local)

Vulnerability Detection Result
Version of installed component: 22.7.9
Latest available openvas-scanner version: 23.0.1

Summary
This script checks and reports an outdated or end-of-life scan engine for the following environments:

  • Greenbone Community Edition
  • Greenbone Enterprise TRIAL (formerly Greenbone Security Manager TRIAL / Greenbone Community Edition VM) used for this scan. NOTE: While this is not, in and of itself, a security vulnerability, a severity is reported to make you aware of a possible decreased scan coverage or missing detection of vulnerabilities on the target due to e.g.:
  • missing functionalities
  • missing bugfixes
  • incompatibilities within the feed

Solution type: VendorFix
Vendorfix
Update to the latest available stable release for your scan environment. Note: It is NOT enough to only update the scanner component. All components should be updated to the most recent and stable versions. Possible solution options depends on the installation method:

  • If using the Greenbone Enterprise TRIAL: Please do a new installation with the newest available version
  • If using the official Greenbone Community Containers: Please see the references on how to do an update of these
  • If the Greenbone Community Edition was build from sources by following the official source build documentation: Please see the references on how to do an update of all components
  • If using packages provided by your Linux distribution: Please contact the maintainer of the used distribution / repository and request updated packages
  • If using any other installation method: Please contact the provider of this solution Please check the references for more information. If you want to accept the risk of a possible decreased scan coverage or missing detection of vulnerabilities on the target you can set a global override for this script as described in the linked GSM manual.

Vulnerability Detection Method
Details:
Report outdated / end-of-life Scan Engine / Environment (local)

Activities

kali-bugreport

kali-bugreport

2024-06-22 19:53

reporter   ~0019464

Use Kali rolling: 0008761, 0008761:0019302

sbrun

sbrun

2024-06-25 13:44

manager   ~0019473

I have updated the GVM packages. They will be available in few hours (after the mirrors sync).
New versions are:
openvas-scanner 23.4.1-1
gsad 22.9.1-2
notus-scanner 22.6.3-2
gvm-libs 22.10.0-1
gvmd 23.6.2-1

sbrun

sbrun

2024-06-26 08:10

manager   ~0019477

To update Kali, please follow the documentation:
https://www.kali.org/docs/general-use/updating-kali/

If GVM suit is already installed, it will updated with the command apt full-upgrade

You can check the installed version of a package with
dpkg -s gvmd (for example)

Menbere

Menbere

2024-07-03 20:04

reporter   ~0019498

Thank you sbrun, after updating/upgrading the package the error is removed or fixed. Thank you for your support.

Issue History

Date Modified Username Field Change
2024-06-21 19:11 Menbere New Issue
2024-06-22 19:53 kali-bugreport Note Added: 0019464
2024-06-24 08:18 sbrun Assigned To => sbrun
2024-06-24 08:18 sbrun Status new => assigned
2024-06-25 13:44 sbrun Note Added: 0019473
2024-06-26 08:10 sbrun Note Added: 0019477
2024-07-03 20:04 Menbere Note Added: 0019498
2024-07-04 13:49 sbrun Status assigned => resolved
2024-07-04 13:49 sbrun Resolution open => fixed
2024-07-04 13:49 sbrun Fixed in Version => 2024.3