Kali 2 OpenVAS 8 I'am scanning 2 clients in a domain. Both Win7-pro, firewall off Both have Adobe Reader 11.0.13 installed. Scan with (the same) domain admin credentials (SMB log in: "It was possible to log into the remote host using the SMB protocol.")
Client 1: (real Hardware) OpenVAS found "Adobe Reader Multiple Vulnerabilities - 01 January16 (Windows)" Client 2: (virtual maschine) OpenVAS found nothing OpenVAS act, as if there are no credentials. /var/log/openvas/openvassd.messages say: -- client 2 -- snip ---- [Fri Jan 29 16:20:23 2016][23681] Starts a new scan. Target(s) : klatsch, with max_hosts = 20 and max_checks = 4 [Fri Jan 29 16:20:23 2016][23681] exclude_hosts: Skipped 0 host(s). [Fri Jan 29 16:20:23 2016][23681] Testing klatsch (::ffff:192.168.1.152) [23699] [Fri Jan 29 16:20:50 2016][24005] win_cmd_exec: WinCMD Connect failed [Fri Jan 29 16:20:59 2016][24006] [24006](:0) Negative integer index are not supported yet! [Fri Jan 29 16:20:59 2016][24006] [24006](/var/lib/openvas/plugins/smb_enum_services.nasl:0) ord() usage : ord(char) [Fri Jan 29 16:20:59 2016][24006] [24006](:0) Negative integer index are not supported yet! [Fri Jan 29 16:20:59 2016][24006] [24006](/var/lib/openvas/plugins/smb_enum_services.nasl:0) ord() usage : ord(char) [Fri Jan 29 16:20:59 2016][24006] [24006](:0) Negative integer index are not supported yet! [Fri Jan 29 16:20:59 2016][24006] [24006](/var/lib/openvas/plugins/smb_enum_services.nasl:0) ord() usage : ord(char) [Fri Jan 29 16:20:59 2016][24006] [24006](:0) Negative integer index are not supported yet! [Fri Jan 29 16:20:59 2016][24006] [24006](/var/lib/openvas/plugins/smb_enum_services.nasl:0) ord() usage : ord(char) [Fri Jan 29 16:22:50 2016][23699] Finished testing 192.168.1.152. Time : 146.34 secs [Fri Jan 29 16:22:50 2016][23681] Test complete [Fri Jan 29 16:22:50 2016][23681] Total time to scan all hosts : 154 seconds ---- snap --- -- client 1 -- snip ---- [Fri Jan 29 16:27:37 2016][24733] Starts a new scan. Target(s) : hel-wvi, with max_hosts = 20 and max_checks = 4 [Fri Jan 29 16:27:37 2016][24733] exclude_hosts: Skipped 0 host(s). [Fri Jan 29 16:27:37 2016][24733] Testing hel-wvi (::ffff:192.168.1.121) [24752] [Fri Jan 29 16:28:15 2016][25087] win_cmd_exec: WinCMD Connect failed [Fri Jan 29 16:28:16 2016][25096] [25096](:0) nasl_array_iterator: unhandled type 57 (0x39) [Fri Jan 29 16:28:22 2016][24752] Process 25109 (OID: 1.3.6.1.4.1.25623.1.0.900025) seems to have died too early [Fri Jan 29 16:28:50 2016][25411] [25411](/var/lib/openvas/plugins/2015/gb_office_infopath_ms15-116.nasl:164) get_array_elem: requesting character after end of string data (0 >= 0) [Fri Jan 29 16:29:37 2016][25915] nasl_wmi_connect: WMI Connect failed [Fri Jan 29 16:30:59 2016][27081] [27081](:0) nasl_array_iterator: unhandled type 57 (0x39) [Fri Jan 29 16:31:18 2016][27432] [27432](/var/lib/openvas/plugins/2012/secpod_ms11-020_remote.nasl:0) Usage: substr(string, idx_start [,idx_end]) [Fri Jan 29 16:31:37 2016][27459] open_sock_tcp: 192.168.1.121:10443 time-out. [Fri Jan 29 16:31:59 2016][24752] Finished testing 192.168.1.121. Time : 262.39 secs [Fri Jan 29 16:31:59 2016][24733] Test complete [Fri Jan 29 16:31:59 2016][24733] Total time to scan all hosts : 267 seconds ---- snap ---- A third (real) PC act like the virtual one (no vulnarabilities) but the log is different: --- snip --- [Fri Jan 29 17:12:48 2016][31237] Starts a new scan. Target(s) : boe-wvi.wvi.lan, with max_hosts = 20 and max_checks = 4 [Fri Jan 29 17:12:48 2016][31237] exclude_hosts: Skipped 0 host(s). [Fri Jan 29 17:12:48 2016][31237] Testing boe-wvi.wvi.lan (::ffff:192.168.1.117) [31278] [Fri Jan 29 17:13:18 2016][31634] win_cmd_exec: WinCMD Connect failed [Fri Jan 29 17:14:43 2016][31278] Finished testing 192.168.1.117. Time : 115.14 secs [Fri Jan 29 17:14:43 2016][31237] Test complete [Fri Jan 29 17:14:43 2016][31237] Total time to scan all hosts : 119 seconds --- snap --- Strange behavier. Any ideas? Thank you. Mit freundlichen Grüßen i.A. Michael Helms --------------------- E-Mail: [email protected] Telefon: +49-531-3 87 37-22 Telefax: +49-531-3 87 37-33 WVI Prof. Dr. Wermuth Verkehrsforschung und Infrastrukturplanung GmbH Nordstr. 11 38106 Braunschweig Sitz Braunschweig Amtsgericht Braunschweig HRB 2805 Geschäftsführer Dr.-Ing. Tobias Wermuth Internet: www.wvigmbh.de _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
