[Openvas-discuss] latest OpenSSL holes

Daniel Malament daniel.j.malament at gmail.com
Mon Jun 16 17:11:41 CEST 2014


I have all three syncs running every night.  I don't see any of those NVTs.
 Also, these two CVEs aren't in that list:

CVE-2014-0198

CVE-2010-5298


Latest update output:

----

[i] This script synchronizes a CERT advisory directory with the OpenVAS one.
[i] CERT dir: /var/lib/openvas/cert-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured CERT data rsync feed: rsync://feed.openvas.org:/cert-data
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.

Please report synchronization problems to openvas-feed at intevation.de.
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.

receiving incremental file list
./

sent 62 bytes  received 716 bytes  311.20 bytes/sec
total size is 8,743,560  speedup is 11,238.51
[i] Skipping /var/lib/openvas/cert-data/dfn-cert-2008.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/cert-data/dfn-cert-2009.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/cert-data/dfn-cert-2010.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/cert-data/dfn-cert-2011.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/cert-data/dfn-cert-2012.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/cert-data/dfn-cert-2013.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/cert-data/dfn-cert-2014.xml, file is
older than last revision
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed:
'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured NVT rsync feed: rsync://feed.openvas.org:/nvt-feed
[e] Private directory 'private' not found. Aborting to prevent loss of
user NVTs.
[i] Please run this script on an interactive console or migrate NVTs
by running this script with option --migrate-to-private.
[i] This script synchronizes a SCAP data directory with the OpenVAS one.
[i] SCAP dir: /var/lib/openvas/scap-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured SCAP data rsync feed: rsync://feed.openvas.org:/scap-data
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.

Please report synchronization problems to openvas-feed at intevation.de.
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.

receiving incremental file list
./

sent 71 bytes  received 1,567 bytes  655.20 bytes/sec
total size is 624,880,035  speedup is 381,489.64
[i] Skipping CPEs, file is older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2002.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2003.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2004.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2005.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2006.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2007.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2008.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2009.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2010.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2011.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2012.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2013.xml, file is
older than last revision
[i] Skipping /var/lib/openvas/scap-data/nvdcve-2.0-2014.xml, file is
older than last revision
[i] No CVEs updated, skipping CVSS and CVE recount.
[i] Updating OVAL data
egrep: character class syntax is [[:space:]], not [:space:]
egrep: character class syntax is [[:space:]], not [:space:]
egrep: character class syntax is [[:space:]], not [:space:]
egrep: character class syntax is [[:space:]], not [:space:]
egrep: character class syntax is [[:space:]], not [:space:]
egrep: character class syntax is [[:space:]], not [:space:]
egrep: character class syntax is [[:space:]], not [:space:]
egrep: character class syntax is [[:space:]], not [:space:]
egrep: character class syntax is [[:space:]], not [:space:]
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/c/oval.xml,
file is older than last revision.
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/i/oval.xml,
file is older than last revision.
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/m/oval.xml,
file is older than last revision.
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/p/oval.xml,
file is older than last revision.
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/v/family/ios.xml,
file is older than last revision.
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/v/family/macos.xml,
file is older than last revision.
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/v/family/pixos.xml,
file is older than last revision.
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/v/family/unix.xml,
file is older than last revision.
[i] Skipping /var/lib/openvas/scap-data/oval/5.10/org.mitre.oval/v/family/windows.xml,
file is older than last revision.
[i] No user data directory '/var/lib/openvas/scap-data/private' found.
Restarting OpenVAS Scanner: openvassd.

----




On Sat, Jun 14, 2014 at 3:21 AM, Michael Meyer <michael.meyer at greenbone.net>
wrote:

> *** Daniel Malament wrote:
>
> > I don't seem to be finding the CVEs from this:
> > https://www.openssl.org/news/secadv_20140605.txt
> > in the CVE DB on my OpenVAS install, and I don't see anything more recent
> > than a month ago as far as OpenSSL-related vulnerabilities.  Is there
> > currently a way to scan for these vulnerabilities?
>
> http://openvas.komma-nix.de/index.php?cve=CVE-2014-0224
>
> Plugins are up to date in your installation (openvas-nvt-sync)?
> Did you run openvas-certdata-sync and openvas-scapdata-sync recently?
>
> Micha
>
> --
> Michael Meyer                  OpenPGP Key: 0xAF069E9152A6EFA6
> http://www.greenbone.net/
> Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
> Osnabrück, HR B 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20140616/e2920206/attachment.html>


More information about the Openvas-discuss mailing list