Secure-Compliance-Solutions-LLC / GVM-Docker

Greenbone Vulnerability Management Docker Image with OpenVAS
https://securecompliance.gitbook.io/projects/
MIT License

[Bug] Report outdated / end-of-life Scan Engine / Environment (local) #312

Open sephirothac opened 3 years ago

sephirothac commented 3 years ago

Describe the bug

Good evening, all scans on any host always return the same warning message: Report outdated / end-of-life Scan Engine / Environment (local)

Summary

This script checks and reports an outdated or end-of-life scan engine for the following environments:
- Greenbone Source Edition (GSE)
- Greenbone Security Manager TRIAL (formerly Greenbone Community Edition (GCE))

used for this scan.

NOTE: While this is not, in and of itself, a security vulnerability, a severity is reported to make you aware of a possible decreased scan coverage or missing detection of vulnerabilities on the target due to e.g.:
- missing functionalities
- missing bugfixes
- incompatibilities within the feed

Detection Result

Version of installed component:           21.4.2 (Installed component: openvas-libraries on OpenVAS <= 9, openvas-scanner on GVM >= 10)
Latest available openvas-scanner version: 21.4.3
Reference URL(s) for the latest available version: https://community.greenbone.net/t/gvm-21-04-stable-initial-release-2021-04-16/8942

Detection Method

Details: Report outdated / end-of-life Scan Engine / Environment (local) OID: 1.3.6.1.4.1.25623.1.0.108560
Version used: 2021-11-17T00:00:37Z

Solution

Solution Type: Vendorfix
Update to the latest available stable release for your scan environment. Please check the references for more information. If you're using packages provided by your Linux distribution please contact the maintainer of the used distribution / repository and request updated packages.

If you want to accept the risk of a possible decreased scan coverage or missing detection of vulnerabilities on the target you can set a global override for this script as described in the linked GSM manual.

Screenshots

Host Device: VERSION="2021.3" VERSION_ID="2021.3" VERSION_CODENAME="kali-rolling" ID_LIKE=debian

docker image inspect

version: "3"
services:
  gvm:
    image: securecompliance/gvm
    volumes:

markdesilva commented 3 years ago

See #299, #300 and #302

Have you pulled the latest 21.4.4-v1? It's supposed to address this.

austinsonger commented 3 years ago

It's already pushed to Docker Hub.

docker pull securecompliance/gvm:debian-master-data-full
docker pull securecompliance/gvm:debian-master-data
docker pull securecompliance/gvm:debian-master-full
docker pull securecompliance/gvm:debian-master

markdesilva commented 3 years ago

Thank you @austinsonger.

So it's back to debian and not alpine anymore?

I'm also looking at the documentation at https://securecompliance.gitbook.io/projects/ but I can't find reference to what "master", "data" and "full" are or have I missed it in the docs?

Will the scanners (https://github.com/Secure-Compliance-Solutions-LLC/OpenVAS-Docker) be similarly updated to 21.4.4?

Thank you!

austinsonger commented 3 years ago

Documentation will be updated in next release and OpenVAS repo is being worked on.

markdesilva commented 3 years ago

Documentation will be updated in next release and OpenVAS repo is being worked on.

Thank you!

sephirothac commented 3 years ago

See #299, #300 and #302

Have you pulled the latest 21.4.4-v1? It's supposed to address this.

Hello,

Thank you for your feedback, I have to with version 21.4.3-v1 since it is 3 months old

securecompliance/gvm latest ed6308f4227f 3 months ago 486MB

"Labels": {
    "org.opencontainers.image.created": "2021-08-08T20:27:54.303Z",
    "org.opencontainers.image.description": "Greenbone Vulnerability Management Docker Image with OpenVAS",
    "org.opencontainers.image.licenses": "MIT",
    "org.opencontainers.image.revision": "45166f1b9bc1c5314303b99ee1a94bb7552bc153",
    "org.opencontainers.image.source": "https://github.com/Secure-Compliance-Solutions-LLC/GVM-Docker",
    "org.opencontainers.image.title": "GVM-Docker",
    "org.opencontainers.image.url": "https://github.com/Secure-Compliance-Solutions-LLC/GVM-Docker",
    "org.opencontainers.image.version": "21.4.3-v1"
}

netbix commented 2 years ago

It's already pushed to Docker Hub.

docker pull securecompliance/gvm:debian-master-data-full
docker pull securecompliance/gvm:debian-master-data
docker pull securecompliance/gvm:debian-master-full
docker pull securecompliance/gvm:debian-master

but what are the differences between the images?

austinsonger commented 2 years ago

@netbix https://github.com/Secure-Compliance-Solutions-LLC/GVM-Docker/pull/262

Please read this pull request.

markdesilva commented 2 years ago

Do we still need the mounted volumes ./storage/* or gvm when using the debian-master pull?

antonisnyc94 commented 2 years ago

@austinsonger Would it be easy to tag the dockerhub image with its version number so that production systems won't break in case you update the master again?

thanks, Tony

meetgyn commented 2 years ago

Which one do I tide download? Can the old Docker image delete it?

markdesilva commented 2 years ago

Which one do I tide download? Can the old Docker image delete it?

I can't get my old databases to work with these latest debian versions, so it becomes a clean install for me.

From the main page of this github repo for gvm-docker, under "Quick Start":

Now all -data images are full pre-initialized (with available data from the build time)
Pre Initialized (-data) images, have a web ui password: adminpassword and should be changed after the deployment. Also the Postgres got a default password: none

If you don't want to spend a lot of time downloading from scratch all the necessary data, get the "gvm:debian-master-data-full" just remember the initial setup password is "adminpassword" and you should change it once you log into the system. From what I understand you can't use the environment argument "PASSWORD=xxxxxx" to set the password on startup, but you can use the environment argument "DB_PASSWORD=yyyyyyy" to set the postgres db password (initial password is empty).

Cheers!

ciscoqid commented 2 years ago

It is possible to migrate, but it is somewhat of a pain. You have to dump the database, then edit the dump file a bit since the newer image is running an older PostgreSQL version (LOCALE -> LC_COLLATE in the create database statement). Then you have to start the new container, get into a shell, stop the various services and load the database. I ran into various problems along the way, but ultimately was able to retain the original database contents moving from latest to debian-master.

markdesilva commented 2 years ago

It is possible to migrate, but it is somewhat of a pain. You have to dump the database, then edit the dump file a bit since the newer image is running an older PostgreSQL version (LOCALE -> LC_COLLATE in the create database statement). Then you have to start the new container, get into a shell, stop the various services and load the database.

Ah, so you just needed to sed -i 's/LOCALE/LC_COLLATE/g' dump_file and import it. I was trying to import directly. Still don't get why they went back to an older version of postgres.

Which services did you stop and how exactly did you stop the services? I tried to stop gvmd and it kept respawning.

I ran into various problems along the way

What other problems? I'm trying to script a restore for previous versions of the db right into the image using environment variables, any suggestions would be welcome!

Thanks!
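
A narrower form of the dump edit discussed above, as an added example that is not part of the thread: it rewrites only the CREATE DATABASE line, so the word LOCALE inside dumped table data is left alone, and it sets LC_CTYPE as well as LC_COLLATE because LOCALE covers both. The sample dump, its table and its row are constructed.

```shell
# Rewrite only the CREATE DATABASE statement of a plain-SQL PostgreSQL 13 dump
# so that PostgreSQL 11 accepts it. A global s/LOCALE/LC_COLLATE/g would also
# change the word wherever it occurs in dumped rows (report text and so on).
fix_create_database() {
    # $1 = dump file; the rewritten dump is printed on stdout
    sed -E "/^CREATE DATABASE /s/ LOCALE = ('[^']*')/ LC_COLLATE = \1 LC_CTYPE = \1/" "$1"
}

# Count CREATE DATABASE statements that still carry the PG13-only LOCALE option.
remaining_locale_options() {
    # $1 = dump file
    grep -c "^CREATE DATABASE .* LOCALE = " "$1" || true
}

# Constructed sample: one DDL line plus one data row that mentions LOCALE.
make_sample_dump() {
    # $1 = path to write
    cat > "$1" <<'EOF'
--
-- PostgreSQL database dump (constructed sample)
--
CREATE DATABASE gvmd WITH TEMPLATE = template0 ENCODING = 'UTF8' LOCALE = 'en_US.UTF-8';
COPY public.results (id, description) FROM stdin;
1	Host reports LOCALE = 'C' in its environment
\.
EOF
}

# Usage:
#   fix_create_database dump_file > dump_file.pg11
#   remaining_locale_options dump_file.pg11
```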

neverov1987 commented 2 years ago

It is possible to migrate, but it is somewhat of a pain. You have to dump the database, then edit the dump file a bit since the newer image is running an older PostgreSQL version (LOCALE -> LC_COLLATE in the create database statement). Then you have to start the new container, get into a shell, stop the various services and load the database.

Ah, so you just needed to sed -i 's/LOCALE/LC_COLLATE/g' dump_file and import it. I was trying to import directly. Still don't get why they went back to an older version of postgres.

Which services did you stop and how exactly did you stop the services? I tried to stop gvmd and it kept respawning.

I ran into various problems along the way

What other problems? I'm trying to script a restore for previous versions of the db right into the image using environment variables, any suggestions would be welcome!

Thanks!

Hi. After downgrade from PG 13 (21.4.3-v1-data-full) to PG 11 (debian-master-data-full), I change patch for scanner. I get Interrupted at 0 % all time. Work for me:

gvmd --get-scanners (get uid)
ps aux | grep ospd.sock (get path)
gvmd --modify-scanner=<OpenVAS scanner uid> --scanner-host=<ospd.sock full path>

meetgyn commented 2 years ago

Can anyone help me install the new zero docker? Do I need the old one made in Alpine first? I do not understand how to solve this issue.

neverov1987 commented 2 years ago

Can anyone help me install the new zero docker? Do I need the old one made in Alpine first? I do not understand how to solve this issue.

https://github.com/Secure-Compliance-Solutions-LLC/gitbook

markdesilva commented 2 years ago

Can anyone help me install the new zero docker? Do I need the old one made in Alpine first? I do not understand how to solve this issue.

If you can live without your old reports and start clean from scratch (create all the targets, scans, etc again) then delete your current docker image and pull and start the new one:

docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume ./storage/postgres-db:/opt/database --volume ./storage/openvas-plugins:/var/lib/openvas/plugins --volume ./storage/gvm:/var/lib/gvm --volume ./storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

And then go to your site port 8080 and log in as administrator with password 'adminpassword'. Remember to change your password after you log in.

meetgyn commented 2 years ago

Can anyone help me install the new zero docker? Do I need the old one made in Alpine first? I do not understand how to solve this issue.

If you can live without your old reports and start clean from scratch (create all the targets, scans, etc again) then delete your current docker image and pull and start the new one:

docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume ./storage/postgres-db:/opt/database --volume ./storage/openvas-plugins:/var/lib/openvas/plugins --volume ./storage/gvm:/var/lib/gvm --volume ./storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

And then go to your site port 8080 and log in as administrator with password 'adminpassword'. Remember to change your password after you log in.


Dexus commented 2 years ago

If you can read, you can fix it your self!

Absolute path not relative path!

Sent from my iPhone

On 22.12.2021 at 15:27, Fantasmagyn @.***> wrote:

 Can anyone help me install the new zero docker? Do I need the old one made in Alpine first? I do not understand how to solve this issue.

If you can live without your old reports and start clean from scratch (create all the targets, scans, etc again) then delete your current docker image and pull and start the new one:

docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume ./storage/postgres-db:/opt/database --volume ./storage/openvas-plugins:/var/lib/openvas/plugins --volume ./storage/gvm:/var/lib/gvm --volume ./storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

And then go to your site port 8080 and log in as administrator with password 'adminpassword'. Remember to change your password after you log in.


markdesilva commented 2 years ago

English might not be his strong suit.

@meetgyn instead of using "./storage...." try using an absolute path, such as "/home/<myusername>/storage..."; just make sure docker can read and write to the path. Safest bet is to put it all in /var/lib/docker/volumes/gvm/storage, so

docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume /var/lib/docker/volumes/gvm/storage/postgres-db:/opt/database --volume /var/lib/docker/volumes/gvm/storage/openvas-plugins:/var/lib/openvas/plugins --volume /var/lib/docker/volumes/gvm/storage/gvm:/var/lib/gvm --volume /var/lib/docker/volumes/gvm/storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

Hope that helps.
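
A check for the two things about this command that matter here, as an added example that is not part of the thread: host paths given relative to the current directory, and ports published on every interface while the -data image still has the web UI password adminpassword and an empty PostgreSQL password. The function name and the finding labels are hypothetical.

```shell
# Audit the arguments that follow `docker run`. Prints one finding per line:
#   RELATIVE_VOLUME <host path>   --volume source is a path but not absolute
#   PUBLIC_PORT <container port>  --publish without a host IP (all interfaces)
audit_docker_run() {
    while [ "$#" -gt 0 ]; do
        case "$1" in
            --volume|-v)
                [ "$#" -ge 2 ] || break
                src=${2%%:*}                       # text before the first colon
                case "$src" in
                    /*) ;;                         # absolute host path
                    */*) echo "RELATIVE_VOLUME $src" ;;
                    # anything without a slash is a named volume: no finding
                esac
                shift ;;
            --publish|-p)
                [ "$#" -ge 2 ] || break
                case "$2" in
                    0.0.0.0:*) echo "PUBLIC_PORT ${2##*:}" ;;
                    *:*:*) ;;                      # host-ip:host-port:container-port
                    *) echo "PUBLIC_PORT ${2##*:}" ;;
                esac
                shift ;;
        esac
        shift
    done
}

# Usage with the command from the thread (everything after `docker run`):
#   audit_docker_run --detach --publish 8080:9392 --publish 5432:5432 \
#       --volume ./storage/gvm:/var/lib/gvm --name gvm \
#       securecompliance/gvm:debian-master-data-full
```

Publishing as `--publish 127.0.0.1:5432:5432` keeps PostgreSQL reachable only from the Docker host until DB_PASSWORD has been set.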

meetgyn commented 2 years ago

Thanks for your help. I really am horrible in English, and I apologize for it.

markdesilva commented 2 years ago

Thanks for your help. I really am horrible in English, and I apologize for it.

No apologies necessary, we help each other when we can. Hope you got it running.

Cheers!

Dexus commented 2 years ago

You can now use the https://hub.docker.com/r/deineagenturug/gvm images, which are using the latest gvmd and components releases.

It uses PostgreSQL 13.

What the tags mean:

docker pull deineagenturug/gvm:latest               # a non-initialized basic image that runs its initialization on the first start (short: no db & no PDF report support)
docker pull deineagenturug/gvm:latest-full          # a non-initialized basic image that runs its initialization on the first start (short: no db, PDF report is supported)
docker pull deineagenturug/gvm:latest-data          # an initialized basic image that can run directly without extra VOLUMES added (short: included db, but no PDF report support)
docker pull deineagenturug/gvm:latest-data-full     # an initialized basic image that can run directly without extra VOLUMES added (short: included db & PDF report is supported)

It can be used as a direct replacement for the image provided here, with the same arguments on docker run.

meetgyn commented 2 years ago

I am trying to reinstall Greenbone, I managed with the command:

docker run --detach --publish 8080:9392 --publish 5432:5432 --publish 2222:22 --volume /var/lib/docker/volumes/gvm/storage/postgres-db:/opt/database --volume /var/lib/docker/volumes/gvm/storage/openvas-plugins:/var/lib/openvas/plugins --volume /var/lib/docker/volumes/gvm/storage/gvm:/var/lib/gvm --volume /var/lib/docker/volumes/gvm/storage/ssh:/etc/ssh --name gvm securecompliance/gvm:debian-master-data-full

Now I'm getting the following message:

Dexus commented 2 years ago

@meetgyn if you read here, you know what's wrong.

By the way: with usage of volumes, you don't get the benefits of the -data(-full) images, so you can use latest or latest-full with volumes.

markdesilva commented 2 years ago

@meetgyn think you’re using the wrong image.

Use deineagenturug/gvm:latest-data-full

not securecompliance/gvm

Dexus commented 2 years ago

For further support, use https://github.com/DeineAgenturUG/greenbone-gvm-openvas-for-docker

Zero-Yu-Jie commented 2 years ago

Why is the docker image I pulled on June 20 still openvas-scanner version: 21.4.2?