greenbone / gvm-tools

Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance
https://greenbone.github.io/gvm-tools/
GNU General Public License v3.0
166 stars 89 forks source link

follow-up issue "Fix: Fix scan config creation from CERT-Bunds." #1129

Open Brom2023 opened 2 months ago

Brom2023 commented 2 months ago

Expected behavior

using script cfg-gen.gmp.py results in generating a configuration with all nvts selected for cve's within a specific cert-advisory.

Current behavior

A new configuration is created. The two basic port-NVT's(oid=1.3.6.1.4.1.25623.1.0.14259 & 1.3.6.1.4.1.25623.1.0.100315) needed by each scan configuration are set. Any other modification either fails silently or with an error the last commit tried to fix.

Creating scan config for WID-SEC-2024-1071
gvmerr=<GvmResponseError status="400" message="Attempt to modify NVT in whole-only family SuSE Local Security Checks">
gvmerr=<GvmResponseError status="400" message="Attempt to modify NVT in whole-only family Mageia Linux Local Security Checks">
gvmerr=<GvmResponseError status="400" message="Attempt to modify NVT in whole-only family Ubuntu Local Security Checks">

Steps to reproduce

  1. downloading https://github.com/greenbone/gvm-tools/blob/main/scripts/cfg-gen-for-certs.gmp.py

2.Creating scan config for WID-SEC-2024-1071 e.g. gvm-script --timeout -1 ssh ./cfg-gen.gmp.py WID-SEC-2024-1071

GVM versions

gvm-tools: gvm-cli 24.7.0 (API version 24.7.0) on GEA and on client

Environment

Operating system: GEA 650 Version 22.04.22

Logfiles

Aug 02 14:48:53 GSMSMPB sshd[3347]: pam_unix(sshd:session): session opened for user gmp(uid=108) by (uid=0)
Aug 02 14:48:56 GSMSMPB gvmd[3356]: Scan config scanconfig_for_WID-SEC-2024-1071 (a8a665ba-e834-4f3c-8673-034d41896a63) has been created by <user>
Aug 02 14:48:56 GSMSMPB gvmd[3356]: Scan config scanconfig_for_WID-SEC-2024-1071 (a8a665ba-e834-4f3c-8673-034d41896a63) could not be modified by <user>
Aug 02 14:48:56 GSMSMPB gvmd[3356]: Scan config scanconfig_for_WID-SEC-2024-1071 (a8a665ba-e834-4f3c-8673-034d41896a63) could not be modified by <user>
Aug 02 14:48:56 GSMSMPB gvmd[3356]: Scan config scanconfig_for_WID-SEC-2024-1071 (a8a665ba-e834-4f3c-8673-034d41896a63) could not be modified by <user>
Aug 02 14:48:56 GSMSMPB gvmd[3356]: Scan Config scanconfig_for_WID-SEC-2024-1071 (a8a665ba-e834-4f3c-8673-034d41896a63) has been modified by <user>
Aug 02 14:48:56 GSMSMPB sshd[3347]: pam_unix(sshd:session): session closed for user gmp