[Openvas-discuss] Fresh install and problem with openvas-scapdata-sync

Michal Chrobak Michal.Chrobak at sansec.com
Thu Jan 26 15:16:18 CET 2017


Today I'm trying to install openvas. I downloaded Ubuntu Core 16.04 LTS and install it on KVM virtual machine. Then I add new repository (ppa:mrazavi/openvas from https://launchpad.net/~mrazavi/+archive/ubuntu/openvas) and install openvas 8. Then I run openvas-nvt-sync and openvas-scapdata-sync. And here is my problem, after executing openvas-scap-sync, I've got following error:

user at openvas:~$ sudo openvas-scapdata-sync
[i] This script synchronizes a SCAP data directory with the OpenVAS one.
[i] This script is for the SQLite3 backend.
[i] SCAP dir: /var/lib/openvas/scap-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured SCAP data rsync feed: rsync://feed.openvas.org:/scap-data
OpenVAS community feed server - http://www.openvas.org/
*rsync cut*

sent 1,236 bytes  received 748,765,593 bytes  815,206.13 bytes/sec
total size is 748,578,705  speedup is 1.00
[i] Initializing scap database
[i] Updating CPEs
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2002.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2003.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2004.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2005.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2006.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2007.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2008.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2009.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2010.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2011.xml
-:515359: parser error : expected '>'
-:515359: parser error : Premature end of data in tag vulnerable-software-list line 513948
-:515359: parser error : Premature end of data in tag entry line 512501
-:515359: parser error : Premature end of data in tag nvd line 2
unable to parse -
[e] Update of CVEs failed at file '/var/lib/openvas/scap-data/nvdcve-2.0-2011.xml': xsltproc exited with code 137

When I rerun command, it looks that everything is ok, but I'm not convinced that it is true:
user at openvas:~$ sudo openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS community feed server - http://www.openvas.org/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be blocked.

[i] Feed is already current, no synchronization necessary.
user at openvas:~$

My scap-data looks like that:
user at openvas:~$ ls /var/lib/openvas/scap-data/nvdcve-2.0-20*xml -lh
-rw-r--r-- 1 root root  19M Jan 20 09:28 /var/lib/openvas/scap-data/nvdcve-2.0-2002.xml
-rw-r--r-- 1 root root 5.5M Jan  3 09:25 /var/lib/openvas/scap-data/nvdcve-2.0-2003.xml
-rw-r--r-- 1 root root  12M Jan 20 09:26 /var/lib/openvas/scap-data/nvdcve-2.0-2004.xml
-rw-r--r-- 1 root root  18M Jan 20 09:25 /var/lib/openvas/scap-data/nvdcve-2.0-2005.xml
-rw-r--r-- 1 root root  27M Jan 20 09:22 /var/lib/openvas/scap-data/nvdcve-2.0-2006.xml
-rw-r--r-- 1 root root  25M Jan 20 09:20 /var/lib/openvas/scap-data/nvdcve-2.0-2007.xml
-rw-r--r-- 1 root root  31M Jan 20 09:17 /var/lib/openvas/scap-data/nvdcve-2.0-2008.xml
-rw-r--r-- 1 root root  31M Jan 20 09:14 /var/lib/openvas/scap-data/nvdcve-2.0-2009.xml
-rw-r--r-- 1 root root  45M Jan 18 09:09 /var/lib/openvas/scap-data/nvdcve-2.0-2010.xml
-rw-r--r-- 1 root root 109M Jan  7 09:14 /var/lib/openvas/scap-data/nvdcve-2.0-2011.xml
-rw-r--r-- 1 root root  42M Jan 20 09:12 /var/lib/openvas/scap-data/nvdcve-2.0-2012.xml
-rw-r--r-- 1 root root  44M Jan 25 09:58 /var/lib/openvas/scap-data/nvdcve-2.0-2013.xml
-rw-r--r-- 1 root root  40M Jan 25 09:07 /var/lib/openvas/scap-data/nvdcve-2.0-2014.xml
-rw-r--r-- 1 root root  30M Jan 25 09:04 /var/lib/openvas/scap-data/nvdcve-2.0-2015.xml
-rw-r--r-- 1 root root  30M Jan 25 09:02 /var/lib/openvas/scap-data/nvdcve-2.0-2016.xml
-rw-r--r-- 1 root root 442K Jan 25 09:00 /var/lib/openvas/scap-data/nvdcve-2.0-2017.xml

My question is: what go wrong with sync scap-data and how can I correct it?

Michal Chrobak

Michal Chrobak
IT Security Systems Engineer
tel. +48 22 122 09 42
tel. +48 503 555 769

SANSEC Poland S.A. NIP: 7010352299, KRS: 0000429238, REGON: 146270315, Spółka zarejestrowana przez Sąd Rejonowy dla M. St. Warszawy w Warszawie, XII Wydział Gospodarczy Krajowego Rejestru Sądowego, Kapitał zakładowy: 1 000 000 PLN.
Niniejsza wiadomość zawiera informacje zastrzeżone i stanowiące tajemnicę przedsiębiorstwa SANSEC Poland S.A.

More information about the Openvas-discuss mailing list