[Bug] Report outdated / end-of-life Scan Engine / Environment (local) #312

Open
sephirothac opened this issue Nov 22, 2021 · 29 comments

@sephirothac

Describe the bug
Good evening, all scans on any host always return the same warning message.
Report outdated / end-of-life Scan Engine / Environment (local)

Summary

This script checks and reports an outdated or end-of-life scan engine for the following environments:
  • Greenbone Source Edition (GSE)

  • Greenbone Security Manager TRIAL (formerly Greenbone Community Edition (GCE))

used for this scan.

NOTE: While this is not, in and of itself, a security vulnerability, a severity is reported to
make you aware of a possible decreased scan coverage or missing detection of vulnerabilities on
the target due to e.g.:

  • missing functionalities

  • missing bugfixes

  • incompatibilities within the feed

Detection Result

Version of installed component:           21.4.2 (Installed component: openvas-libraries on OpenVAS <= 9, openvas-scanner on GVM >= 10)
Latest available openvas-scanner version: 21.4.3
Reference URL(s) for the latest available version: https://community.greenbone.net/t/gvm-21-04-stable-initial-release-2021-04-16/8942

Detection Method

Details: Report outdated / end-of-life Scan Engine / Environment (local) OID: 1.3.6.1.4.1.25623.1.0.108560
Version used: 2021-11-17T00:00:37Z

Solution

Solution Type:
Vendorfix
Update to the latest available stable release for your scan environment. Please check the references for more information. If you're using packages provided by your Linux distribution please contact the maintainer of the used distribution / repository and request updated packages.

If you want to accept the risk of a possible decreased scan coverage or missing detection of
vulnerabilities on the target you can set a global override for this script as described in the
linked GSM manual.

Screenshots

Host Device:
VERSION="2021.3"
VERSION_ID="2021.3"
VERSION_CODENAME="kali-rolling"
ID_LIKE=debian

docker image inspect

version: "3"
services:
  gvm:
    image: securecompliance/gvm
    volumes:
      - ./postgres:/opt/database
      - ./gvm:/var/lib/gvm
      - ./plugins:/var/lib/openvas/plugins
    environment:
      - USERNAME="admin"
      - PASSWORD="admin"
      - RELAYHOST="smtp"
      - SMTPPORT=25
      - AUTO_SYNC=true
      - HTTPS=true
      - TZ=""
      - SSHD=false
      - DB_PASSWORD="none"
    ports:
      - "8099:9392" # Web interface
      #- "5432:5432" # Access PostgreSQL database from external tools
      #- "2222:22" # SSH for remote sensors
    restart: unless-stopped

@sephirothac sephirothac added the bug Something isn't working label Nov 22, 2021
@markdesilva

See #299, #300 and #302

Have you pulled the latest 21.4.4-v1? It's supposed to address this.

@austinsonger
Contributor

It's already pushed to Docker Hub.

docker pull securecompliance/gvm:debian-master-data-full
docker pull securecompliance/gvm:debian-master-data
docker pull securecompliance/gvm:debian-master-full
docker pull securecompliance/gvm:debian-master

@markdesilva

Thank you @austinsonger.

So it's back to debian and not alpine anymore?

I'm also looking at the documentation at https://securecompliance.gitbook.io/projects/ but I can't find reference to what "master", "data" and "full" are or have I missed it in the docs?

Will the scanners (https://github.com/Secure-Compliance-Solutions-LLC/OpenVAS-Docker) be similarly updated to 21.4.4?

Thank you!

@austinsonger
Contributor

Documentation will be updated in next release and OpenVAS repo is being worked on.

@markdesilva

Documentation will be updated in next release and OpenVAS repo is being worked on.

Thank you!

@sephirothac
Author

sephirothac commented Nov 23, 2021

See #299, #300 and #302

Have you pulled the latest 21.4.4-v1? It's supposed to address this.

Hello,

Thank you for your feedback, I have to with version 21.4.3-v1 since it is 3 months old

securecompliance/gvm latest ed6308f4227f 3 months ago 486MB

"Labels": {
    "org.opencontainers.image.created": "2021-08-08T20:27:54.303Z",
    "org.opencontainers.image.description": "Greenbone Vulnerability Management Docker Image with OpenVAS",
    "org.opencontainers.image.licenses": "MIT",
    "org.opencontainers.image.revision": "45166f1b9bc1c5314303b99ee1a94bb7552bc153",
    "org.opencontainers.image.source": "https://github.com/Secure-Compliance-Solutions-LLC/GVM-Docker",
    "org.opencontainers.image.title": "GVM-Docker",
    "org.opencontainers.image.url": "https://github.com/Secure-Compliance-Solutions-LLC/GVM-Docker",
    "org.opencontainers.image.version": "21.4.3-v1"
}

@netbix
Contributor

netbix commented Nov 26, 2021

It's already pushed to Docker Hub.

docker pull securecompliance/gvm:debian-master-data-full
docker pull securecompliance/gvm:debian-master-data
docker pull securecompliance/gvm:debian-master-full
docker pull securecompliance/gvm:debian-master

but what are the differences between the images?

@austinsonger
Contributor

@netbix #262

Please read this pull request.

@markdesilva

Do we still need the mounted volumes ./storage/* or gvm when using the debian-master pull?

@antonisnyc94

@austinsonger Would it be easy to tag the dockerhub image with its version number so that production systems won't break in case you update the master again?

thanks,
Tony

@meetgyn

meetgyn commented Dec 20, 2021

Which one do I tide download? Can the old Docker image delete it?

@markdesilva

Which one do I tide download? Can the old Docker image delete it?

I can't get my old databases to work with these latest debian versions, so it becomes a clean install for me.

From the main page of this github repo for gvm-docker, under "Quick Start":

Now all -data images are full pre-initialized (with available data from the build time)
Pre Initialized (-data) images, have a web ui password: adminpassword and should be changed after the deployment. Also the Postgres got a default password: none

If you don't want to spend a lot of time downloading from scratch all the necessary data, get the "gvm:debian-master-data-full" just remember the initial setup password is "adminpassword" and you should change it once you log into the system. From what I understand you can't use the environment argument "PASSWORD=xxxxxx" to set the password on startup, but you can use the environment argument "DB_PASSWORD=yyyyyyy" to set the postgres db password (initial password is empty).

Cheers!
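
Added example (not from the thread or the GVM-Docker project): a small audit of a compose file for three things this thread keeps running into, namely an image reference that floats (no tag, latest*, *master*), the credentials quoted above as defaults, and PostgreSQL or SSH published on every interface. The function names, finding labels and sample file are constructed; the sample is the compose file from the issue, shortened, with the PostgreSQL port line enabled.

```shell
# Added example; not part of the thread or of the GVM-Docker project.
# audit_gvm_compose FILE: print one finding per line for a compose file.
audit_gvm_compose() {
    awk '
    /^[ \t]*#/ { next }                     # commented-out entries are inactive
    {
        line = $0
        gsub(/"/, "", line)                 # quotes around values
        sub(/[ \t]+#.*$/, "", line)         # trailing comments
        sub(/^[ \t]*(-[ \t]*)?/, "", line)  # indentation and list dash
    }
    line ~ /^image:/ {
        ref = line; sub(/^image:[ \t]*/, "", ref)
        name = ref; sub(/^.*\//, "", name)  # drop registry and namespace
        tag = index(name, ":") ? substr(name, index(name, ":") + 1) : ""
        # Floating references seen in the thread: no tag, latest*, *master*.
        if (ref !~ /@sha256:/ && (tag == "" || tag ~ /^latest/ || tag ~ /master/))
            print "UNPINNED_IMAGE " ref
    }
    line ~ /^(PASSWORD|DB_PASSWORD)=/ {
        key = substr(line, 1, index(line, "=") - 1)
        val = substr(line, index(line, "=") + 1)
        # Values the thread gives as shipped or example credentials.
        if (val == "" || val == "admin" || val == "adminpassword" || val == "none")
            print "DEFAULT_CREDENTIAL " key
    }
    line ~ /^[0-9.:]+$/ {
        n = split(line, p, ":")
        # host:container binds every interface; a 127.x prefix keeps it local.
        if ((p[n] == "5432" || p[n] == "22") && (n == 2 || p[1] !~ /^127\./))
            print "EXPOSED_SERVICE " line
    }
    ' "$1"
}
# Constructed sample: the compose file from the issue, PostgreSQL port enabled.
make_sample_compose() {
    cat > "$1" <<'EOF'
services:
  gvm:
    image: securecompliance/gvm
    environment:
      - PASSWORD="admin"
      - DB_PASSWORD="none"
    ports:
      - "8099:9392" # Web interface
      - "5432:5432" # Access PostgreSQL database from external tools
EOF
}
f=$(mktemp); make_sample_compose "$f"; audit_gvm_compose "$f"; rm -f "$f"
```

An image pinned by digest, a non-default DB_PASSWORD and a 127.0.0.1:5432:5432 mapping produce no findings.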

@ciscoqid
Contributor

It is possible to migrate, but it is somewhat of a pain. You have to dump the database, then edit the dump file a bit since the newer image is running an older PostgreSQL version (LOCALE -> LC_COLLATE in the create database statement). Then you have to start the new container, get into a shell, stop the various services and load the database. I ran into various problems along the way, but ultimately was able to retain the original database contents moving from latest to debian-master.

@markdesilva

It is possible to migrate, but it is somewhat of a pain. You have to dump the database, then edit the dump file a bit since the newer image is running an older PostgreSQL version (LOCALE -> LC_COLLATE in the create database statement). Then you have to start the new container, get into a shell, stop the various services and load the database.

Ah, so you just needed to sed -i 's/LOCALE/LC_COLLATE/g' dump_file and import it. I was trying to import directly. Still don't get why they went back to an older version of postgres.

Which services did you stop and how exactly did you stop the services? I tried to stop gvmd and it kept respawning.

I ran into various problems along the way

What other problems? I'm trying to script a restore for previous versions of the db right into the image using environment variables, any suggestions would be welcome!

Thanks!
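
Added example (not part of the thread or the project): the global sed quoted above replaces every occurrence of LOCALE in the dump, including any that appear inside stored result text. The sketch below limits the rewrite to CREATE DATABASE lines. The sample dump, the gvmd database name and the function names are constructed, and emitting LC_CTYPE alongside LC_COLLATE is an assumption that goes beyond what the thread describes.

```shell
# Added example; not from the thread. A targeted alternative to
#   sed -i 's/LOCALE/LC_COLLATE/g' dump_file

# fix_create_db IN OUT: rewrite only CREATE DATABASE statements. A PostgreSQL 13
# dump writes "LOCALE = 'x'", which PostgreSQL 11 rejects; 11 accepts
# LC_COLLATE and LC_CTYPE instead.
fix_create_db() {
    sed -E "/^CREATE DATABASE /s/ LOCALE = ('[^']*')/ LC_COLLATE = \1 LC_CTYPE = \1/" "$1" > "$2"
}

# changed_lines A B: number of lines that differ between two files of equal
# length (both sed invocations used here preserve the line count).
changed_lines() {
    awk 'NR == FNR { a[FNR] = $0; next } a[FNR] != $0 { n++ } END { print n + 0 }' "$1" "$2"
}

# Constructed sample dump (not real GVM data): one CREATE DATABASE line and one
# COPY data row whose text happens to contain the word LOCALE.
make_sample_dump() {
    {
        printf '%s\n' "CREATE DATABASE gvmd WITH TEMPLATE = template0 ENCODING = 'UTF8' LOCALE = 'en_US.UTF-8';"
        printf '%s\n' '\connect gvmd' 'COPY public.results (id, description) FROM stdin;'
        printf '1\t%s\n' "Host reports LOCALE = 'C' in its environment"
        printf '%s\n' '\.'
    } > "$1"
}

demo() {
    tmp=$(mktemp -d)
    make_sample_dump "$tmp/dump.sql"
    fix_create_db "$tmp/dump.sql" "$tmp/dump.pg11.sql"
    sed 's/LOCALE/LC_COLLATE/g' "$tmp/dump.sql" > "$tmp/dump.global.sql"
    echo "targeted rewrite changed $(changed_lines "$tmp/dump.sql" "$tmp/dump.pg11.sql") line(s)"
    echo "global sed changed $(changed_lines "$tmp/dump.sql" "$tmp/dump.global.sql") line(s)"
    head -n 1 "$tmp/dump.pg11.sql"
    rm -rf "$tmp"
}
demo
```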

@neverov1987

It is possible to migrate, but it is somewhat of a pain. You have to dump the database, then edit the dump file a bit since the newer image is running an older PostgreSQL version (LOCALE -> LC_COLLATE in the create database statement). Then you have to start the new container, get into a shell, stop the various services and load the database.

Ah, so you just needed to sed -i 's/LOCALE/LC_COLLATE/g' dump_file and import it. I was trying to import directly. Still don't get why they went back to an older version of postgres.

Which services did you stop and how exactly did you stop the services? I tried to stop gvmd and it kept respawning.

I ran into various problems along the way

What other problems? I'm trying to script a restore for previous versions of the db right into the image using environment variables, any suggestions would be welcome!

Thanks!

Hi. After downgrade from PG 13 (21.4.3-v1-data-full) to PG 11 (debian-master-data-full), I change patch for scanner. I get Interrupted at 0 % all time.
Work for me:
gvmd --get-scanners            # get uid
ps aux | grep ospd.sock        # get path
gvmd --modify-scanner=<OpenVAS scanner uid> --scanner-host=<ospd.sock full path>

@meetgyn

meetgyn commented Dec 22, 2021

Can anyone help me install the new zero docker?
Do I need the old one made in Alpine first?
I do not understand how to solve this issue.

@neverov1987

Can anyone help me install the new zero docker? Do I need the old one made in Alpine first? I do not understand how to solve this issue.

https://github.com/Secure-Compliance-Solutions-LLC/gitbook

@markdesilva

markdesilva commented Dec 22, 2021

Can anyone help me install the new zero docker? Do I need the old one made in Alpine first? I do not understand how to solve this issue.

If you can live without your old reports and start clean from scratch (create all the targets, scans, etc again) then delete your current docker image and pull and start the new one:

docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume ./storage/postgres-db:/opt/database --volume ./storage/openvas-plugins:/var/lib/openvas/plugins --volume ./storage/gvm:/var/lib/gvm --volume ./storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

And then go to your site port 8080 and log in as administrator with password 'adminpassword'. Remember to change your password after you log in.

@meetgyn

meetgyn commented Dec 22, 2021

Can anyone help me install the new zero docker? Do I need the old one made in Alpine first? I do not understand how to solve this issue.

If you can live without your old reports and start clean from scratch (create all the targets, scans, etc again) then delete your current docker image and pull and start the new one:

docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume ./storage/postgres-db:/opt/database --volume ./storage/openvas-plugins:/var/lib/openvas/plugins --volume ./storage/gvm:/var/lib/gvm --volume ./storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

And then go to your site port 8080 and log in as administrator with password 'adminpassword'. Remember to change your password after you log in.

image

@Dexus
Contributor

Dexus commented Dec 22, 2021 via email

@markdesilva

English might not be his strong suit.

@meetgyn instead of using "./storage...." try using an absolute path, such as "/home/<myusername>/storage..." just make sure docker can read and write to the path. Safest bet is to put it all in /var/lib/docker/volumes/gvm/storage, so

docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume /var/lib/docker/volumes/gvm/storage/postgres-db:/opt/database --volume /var/lib/docker/volumes/gvm/storage/openvas-plugins:/var/lib/openvas/plugins --volume /var/lib/docker/volumes/gvm/storage/gvm:/var/lib/gvm --volume /var/lib/docker/volumes/gvm/storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

Hope that helps.

@meetgyn

meetgyn commented Dec 22, 2021

Thanks for your help. I really am horrible in English, and I apologize for it.

@markdesilva

Thanks for your help. I really am horrible in English, and I apologize for it.

No apologies necessary, we help each other when we can. Hope you got it running.

Cheers!

@Dexus
Contributor

Dexus commented Mar 14, 2022

You can now use the https://hub.docker.com/r/deineagenturug/gvm images, which are using the latest gvmd and components releases.

It uses POSTGRESQL 13.

What the tags mean:

docker pull deineagenturug/gvm:latest               # a non-initialized basic image that runs its initialization on the first start (short: no db & no PDF report support)
docker pull deineagenturug/gvm:latest-full          # a non-initialized basic image that runs its initialization on the first start (short: no db, PDF report is supported)
docker pull deineagenturug/gvm:latest-data          # an initialized basic image that can run directly without extra VOLUMES added (short: included db, but no PDF report support)
docker pull deineagenturug/gvm:latest-data-full     # an initialized basic image that can run directly without extra VOLUMES added (short: included db & PDF report is supported)

It can be used as a direct replacement for the image provided here, with the same arguments on docker run.

@meetgyn

meetgyn commented Mar 23, 2022

I am trying to reinstall Greenbone, I managed with the command: docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume /var/lib/docker/volumes/gvm/storage/postgres-db:/opt/database --volume /var/lib/docker/volumes/gvm/storage/openvas-plugins:/var/lib/openvas/plugins --volume /var/lib/docker/volumes/gvm/storage/gvm:/var/lib/gvm --volume /var/lib/docker/volumes/gvm/storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

Now I'm getting the following message:
image
image

@Dexus
Contributor

Dexus commented Mar 24, 2022

@meetgyn if you read here, you know what's wrong.

By the way: with usage of volumes, you don't get the benefits of the -data(-full) images, so you can use the latest or latest-full with volumes.

@markdesilva

@meetgyn think you’re using the wrong image.

Use deineagenturug/gvm:latest-data-full

not securecompliance/gvm

@Dexus
Contributor

Dexus commented Mar 24, 2022

@Zero-Yu-Jie

Why the docker image I pull on June 20 is still openvas-scanner version:21.4.2
