Re: [Openvas-discuss] Running a script: how to specify a parameter

2016-05-25 Thread Sebastien Aucouturier
That's a very new nice feature for openvas-nasl, it will definitively save time when debugging pluging. is it available in openvas9 official release? or from trunk ? GSM: 06.20.60.77.24 On Wed, May 25, 2016 at 6:50 PM, Michael Meyer wrote: > *** Corti Matteo (ID

[Openvas-discuss] Having a problem scanning services on nonstandard ports

2016-05-25 Thread Allyn Baskerville
Having just setup OpenVAS, I test scanned the local machine, and a couple issues were noted. I tried to scan my server that is only listening on two obscure ports, and I setup a port list with only these two ports in it, bound it to a target (the IP of this host), and then I ran a "full and fast"

Re: [Openvas-discuss] New to OpenVAS, possible issue with new installation

2016-05-25 Thread Allyn Baskerville
I worked on this a couple hours before I mailed this office, and 15 minutes afterwards I issued the "openvasmd -rebuild" command, and the system is operational. Thanks From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] On Behalf Of Allyn Baskerville Sent: Wednesday, May

[Openvas-discuss] New to OpenVAS, possible issue with new installation

2016-05-25 Thread Allyn Baskerville
I've gone through the installation and synchronized with the NVT feed (a message is returned that the feed is already current, no synchronization is necessary), but what seems strange to me is that if I go to Configuration | Scan Configurations, there is a number under Families | Total column, but

Re: [Openvas-discuss] Running a script: how to specify a parameter

2016-05-25 Thread Michael Meyer
*** Corti Matteo (ID BD) wrote: > I would like to run a single test on the command line, for example > (http://plugins.openvas.org/nasl.php?oid=803477) > > openvas-nasl -X -t IP -i /var/lib/openvas/plugins > /var/lib/openvas/plugins/2013/gb_miniweb_file_upload_n_dir_trav_vuln.nasl -T > - > >

Re: [Openvas-discuss] Web app scan config empty

2016-05-25 Thread Michael . Eissele
Dear Ahamd, we've recently been in touch via the Greenbone Support portal. In meanwhile we was able to reproduce the problem, therefore we will take care of a fix now. Thank you very much for your initial report! We will inform you as soon as the fix becomes availible. Kind Regards, Michael

[Openvas-discuss] Running a script: how to specify a parameter

2016-05-25 Thread Corti Matteo (ID BD)
Hi I would like to run a single test on the command line, for example (http://plugins.openvas.org/nasl.php?oid=803477) openvas-nasl -X -t IP -i /var/lib/openvas/plugins /var/lib/openvas/plugins/2013/gb_miniweb_file_upload_n_dir_trav_vuln.nasl -T - Seems to work but I did not find out how to

Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue

2016-05-25 Thread tatooin
On Wed, 2016-05-25 at 16:12 +0200, Michael Meyer wrote: > *** tatooin wrote: > > > Thanks for your reply. I use the default redis configuration file > > shipped with Kali Rolling. In my redis.conf file, all lines beginning > > with "save" are NOT commented out: > > > > save 900 1 > > save 300 10

Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue

2016-05-25 Thread Ryan Schulze
A corruption in the database should be easy to find. Have you bumped up the logging level to see which SQL fails when you kick off the task? That would make it easier to pinpoint what is going wrong. On 5/25/2016 5:06 AM, tato...@free.fr wrote: Thank you Tyler for the reply, but

[Openvas-discuss] Web app scan config empty

2016-05-25 Thread Ahmad Jawad
Hi, I installed OpenVas 8 on Fedora 23. GSA Version 6.0.10. I want to scan websites. I am following the link http://www.greenbone.net/learningcenter/task_webappscan.html I downloaded web-app-scan.xml file. But when I Import it I see no Families or NVTs in the config file. I am attaching the

Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue

2016-05-25 Thread Michael Meyer
*** tatooin wrote: > Thanks for your reply. I use the default redis configuration file > shipped with Kali Rolling. In my redis.conf file, all lines beginning > with "save" are NOT commented out: > > save 900 1 > save 300 10 > save 60 1 Stop redis, comment them out and delete the dump.rdb.

Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue

2016-05-25 Thread tatooin
On Wed, 2016-05-25 at 12:27 +0200, Michael Meyer wrote: > *** tatooin wrote: > > > When this happens, openvas continue to work correclty except that I > > cannot run any tasks. I can still create / delete tasks and targets, but > > I cannot run any scans. > > Could be a redis issue. Did you use

Re: [Openvas-discuss] Reg Apache Vulnerability

2016-05-25 Thread Michael Meyer
*** Sai Ravi wrote: > It shows "windows" as the affected OS.But our scan was on > "Enterprise Linux".We are unsure on how to proceed further with this > vulnerability. Which OS has been detected in this scan? Micha -- Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6

Re: [Openvas-discuss] Reg Apache Vulnerability

2016-05-25 Thread Sai Ravi
It shows "windows" as the affected OS.But our scan was on "Enterprise Linux".We are unsure on how to proceed further with this vulnerability. On Wednesday, 25 May 2016 3:23 PM, Michael Meyer wrote: *** Reindl Harald wrote: > Am 25.05.2016 um 10:54 schrieb

Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue

2016-05-25 Thread Michael Meyer
*** tatooin wrote: > When this happens, openvas continue to work correclty except that I > cannot run any tasks. I can still create / delete tasks and targets, but > I cannot run any scans. Could be a redis issue. Did you use the example_redis_2_{4,6}.conf shipped with openvas

Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue

2016-05-25 Thread tatooin
Thank you Tyler for the reply, but unfortunately this is workaround, not a solution suitable for production uses. If OpenVAS cannot run properly without corrupting it's database regularly -especially on a fresh new install system- then it means this application is really just in a beta testing

Re: [Openvas-discuss] Reg Apache Vulnerability

2016-05-25 Thread Michael Meyer
*** Reindl Harald wrote: > Am 25.05.2016 um 10:54 schrieb Michael Meyer: > >*** Reindl Harald wrote: > > > >>i find it just somehow laughable to scan in 2016/05 a 2.4.7 httpd > > > >man backports > > you missed that he talks about windows as OS and not a enterprise linux Damn...:) Micha --

Re: [Openvas-discuss] Reg Apache Vulnerability

2016-05-25 Thread Reindl Harald
Am 25.05.2016 um 10:54 schrieb Michael Meyer: *** Reindl Harald wrote: i find it just somehow laughable to scan in 2016/05 a 2.4.7 httpd man backports you missed that he talks about windows as OS and not a enterprise linux signature.asc Description: OpenPGP digital signature

Re: [Openvas-discuss] Reg Apache Vulnerability

2016-05-25 Thread Michael Meyer
*** Reindl Harald wrote: > i find it just somehow laughable to scan in 2016/05 a 2.4.7 httpd man backports Micha -- Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6 http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460

Re: [Openvas-discuss] Reg Apache Vulnerability

2016-05-25 Thread Reindl Harald
Am 25.05.2016 um 09:33 schrieb Sai Ravi: Can you be more clear? Our query is that we have same version 2.4.7 in both the servers (server 1 and server 2) but still we could find vulnerability only in server 1 and not in server 2. *Solution for the vulnerability:* Upgrade to version 2.4.14 or

Re: [Openvas-discuss] Reg Apache Vulnerability

2016-05-25 Thread Sai Ravi
Hi      Can you be more clear? Our query is that we have same version 2.4.7 in both the servers (server 1 and server 2) but still we could find vulnerability only in server 1 and not in server 2. Solution for the vulnerability:Upgrade to version 2.4.14 or later, We need to know why there is a