[Openvas-discuss] NVT with error severity level

tatooin tatooin at free.fr
Wed Jan 25 16:03:08 CET 2017


Well the only thing I see is the NVT timeout error, which seems to
happen fairly often on many different NVTs. I have added
"plugins_timeout = 1500" in /etc/openvas/openvassd.conf to raise the
default timeout. 
I suppose it should fix the issue for new scans ?

Thanks

-----Original Message-----
From: Christian Fischer <christian.fischer at greenbone.net>
To: openvas-discuss at wald.intevation.org
Subject: Re: [Openvas-discuss] NVT with error severity level
Date: Tue, 24 Jan 2017 08:40:17 +0100


Hi,

On 23.01.2017 19:12, tatooin at free.fr wrote:
> Hello,
>
> I'm trying to get a list of hosts vulnerable to a particular NVT. In
this case, 1.3.6.1.4.1.25623.1.0.100610 (JBoss Enterprise Application
Platform Multiple Vulnerabilities). Looking at this particular NVT in
GSA, and clicking on the "Show scan results for this NVT" menu, takes me
to the list of hosts vulnerable to this NVT, as expected.
>
> However, on the listing, the vulnerability appears with a severity set
to "Error" on all vulnerable hosts (see attached screenshot if it goes
through), while on the NVT page detail, the severity score is set to 5.0
(Medium). I also notice that the location is set to "General/TCP", while
I would expect here to see the application port (8080). Is this a bug or
am I missing something ? And in that particular case, are the results
reliable ?
>
> Thank you
>
> System Info:
> openvas-manager-6.0.9-0kali1
> openvas-scanner-5.0.7-3
>
> On Kali Linux Rolling. All packages up to date.

an "Error" severity mostly means that e.g. the NVT timed out after a
specific time or similar. You can get this information if you open the
Reports page for that specific report where the error happened:

http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#reports

Then open the "Report: Error Messages" link as shown on the "Different
views of the same report." image.

Regards,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20170125/17a16f6c/attachment.html>


More information about the Openvas-discuss mailing list