search

greenbone / gvmd

Greenbone Vulnerability Manager - The database backend for the Greenbone Community Edition
GNU Affero General Public License v3.0
290 stars 157 forks source link

Export PDF - broken #467

Closed dgiorgio closed 3 years ago

dgiorgio commented 5 years ago

Expected behavior

PDF Export

Actual behavior

does not show the result.

Scan: image

Broken PDF, error in the summary?

This document reports on the results of an automatic security scan. All dates are displayed using the timezone America/SaoP aulo00, whichisabbreviated“ − 0300.T hetaskwas“Scan − Samaritano −
AllV alids00.T hescanstartedatMonF eb2521 : 20 : 052019 − 03andendedatMonF eb2522 : 00 : 202019 −
03.T hereportf irstsummarisestheresultsfound.T hen, foreachhost, thereportdescribeseveryissuefound.P leaseconsidertheadvicegivenineachdescription, inordertorectif ytheissue.

image

image

Texlive Installed: image

Steps to reproduce

  1. export to PDF

GVM versions

gsa: (gsad --version)

# gsad --version
Greenbone Security Assistant 9.0+alpha~git-4d71cc189-master
GIT revision 4d71cc189-master

gvm: (gvmd --version)

# gvmd --version
Greenbone Vulnerability Manager 9.0+alpha~git-b6d078e6-master
GIT revision b6d078e6-master
Manager DB revision 206

openvas-scanner: (openvassd --version)

# openvassd --version
OpenVAS Scanner 6.0+beta3
GIT revision 3e87367-master

gvm-libs: git - checkout: 61ae9c01880fe120ad6f49c73c588a6c3927858f

Environment

Operating system:

# cat /etc/debian_version
9.7

https://cloud.docker.com/u/dgiorgio/repository/docker/dgiorgio/openvas-source tag: master-2.4.3

Installation method / source: (packages, source installation)

Logfiles

No logs.

cfi-gb commented 5 years ago

@dgiorgio Most likely some fonts are just missing, please try to install the texlive-fonts-extra package.

As a side note the GSA isn't responsible for creating the PDF, this is done by the openvasmd/gmvd. As discussed with @bjoernricks we should consider to move this to the https://github.com/greenbone/gvmd/issues repo if installing the mentioned package doesn't help.

As an additional side-note please be aware the github master branches are development versions not officially released and where all the development is happening. Such versions might show unexpected behavior or could even break/be in a temporary unusable state at any time.

For productive use it is strongly suggested to stay with the official announced source code releases announced at the Community Portal

Edit

On my GVM-9 setup the following packages are installed which seems to match the ones used by the OP. So it seems this indeed should be moved to the gvmd issue tracker.

ii  texlive-base                    2016.20170123-5                   all          TeX Live: Essential programs and files
ii  texlive-binaries                2016.20160513.41080.dfsg-2+deb9u1 amd64        Binaries for TeX Live
ii  texlive-fonts-recommended       2016.20170123-5                   all          TeX Live: Recommended fonts
ii  texlive-latex-base              2016.20170123-5                   all          TeX Live: LaTeX fundamental packages
ii  texlive-latex-extra             2016.20170123-5                   all          TeX Live: LaTeX additional packages
ii  texlive-latex-recommended       2016.20170123-5                   all          TeX Live: LaTeX recommended packages
ii  texlive-pictures                2016.20170123-5                   all          TeX Live: Graphics, pictures, diagrams
dgiorgio commented 5 years ago

Same problem How can I help with this problem?

# dpkg -l | grep texlive
ii  texlive-base                     2016.20170123-5                   all          TeX Live: Essential programs and files
ii  texlive-binaries                 2016.20160513.41080.dfsg-2+deb9u1 amd64        Binaries for TeX Live
ii  texlive-extra-utils              2016.20170123-5                   all          TeX Live: TeX auxiliary programs
ii  texlive-font-utils               2016.20170123-5                   all          TeX Live: Graphics and font utilities
rc  texlive-fonts-extra              2016.20170123-5                   all          TeX Live: Additional fonts
ii  texlive-fonts-recommended        2016.20170123-5                   all          TeX Live: Recommended fonts
ii  texlive-fonts-recommended-doc    2016.20170123-5                   all          TeX Live: Documentation files for texlive-fonts-recommended
ii  texlive-generic-extra            2016.20170123-5                   all          TeX Live: Generic additional packages
ii  texlive-generic-recommended      2016.20170123-5                   all          TeX Live: Generic recommended packages
ii  texlive-latex-base               2016.20170123-5                   all          TeX Live: LaTeX fundamental packages
ii  texlive-latex-base-doc           2016.20170123-5                   all          TeX Live: Documentation files for texlive-latex-base
ii  texlive-latex-extra              2016.20170123-5                   all          TeX Live: LaTeX additional packages
ii  texlive-latex-extra-doc          2016.20170123-5                   all          TeX Live: Documentation files for texlive-latex-extra
ii  texlive-latex-recommended        2016.20170123-5                   all          TeX Live: LaTeX recommended packages
ii  texlive-latex-recommended-doc    2016.20170123-5                   all          TeX Live: Documentation files for texlive-latex-recommended
ii  texlive-pictures                 2016.20170123-5                   all          TeX Live: Graphics, pictures, diagrams
ii  texlive-pictures-doc             2016.20170123-5                   all          TeX Live: Documentation files for texlive-pictures
ii  texlive-pstricks                 2016.20170123-5                   all          TeX Live: PSTricks
ii  texlive-pstricks-doc             2016.20170123-5                   all          TeX Live: Documentation files for texlive-pstricks

I'll try with the release version.

dgiorgio commented 5 years ago

Same problem image

3 pages image

I tested it on 2 scans. 1 - in the target, I added IP, and did not resolve DNS. image image

2 - in the target, I added IP, but in the scan resolved DNS. image image

SCAN1, I can generate the PDF. SCAN2 gives this error.

when I put it to generate the PDF, SCAN1 takes time to create PDF, SCAN2 generates instantly.

SCAN1 - OK image

GVM versions

gsa: (gsad --version)

# gsad --version
Greenbone Security Assistant 8.0+beta3~git-e9b5480cf-HEAD
GIT revision e9b5480cf-HEAD

gvm: (gvmd --version)

# gvmd --version
Greenbone Vulnerability Manager 8.0+beta4
GIT revision 808ef887-HEAD
Manager DB revision 205

openvas-scanner: (openvassd --version)

# openvassd --version
OpenVAS Scanner 6.0+beta3
GIT revision 6a42e2f-HEAD

gvm-libs: git - checkout: 5370a7d60e2adc4d65f94ad00e6cf4b572e3aa23

Environment

Operating system:

FROM debian:stretch-20190204
# cat /etc/debian_version
9.7

https://cloud.docker.com/u/dgiorgio/repository/docker/dgiorgio/openvas-source tag: master-2.5.0

# dpkg -l | grep texlive
ii  texlive-base                     2016.20170123-5                   all          TeX Live: Essential programs and files
ii  texlive-binaries                 2016.20160513.41080.dfsg-2+deb9u1 amd64        Binaries for TeX Live
ii  texlive-fonts-extra              2016.20170123-5                   all          TeX Live: Additional fonts
ii  texlive-fonts-extra-doc          2016.20170123-5                   all          TeX Live: Documentation files for texlive-fonts-extra
ii  texlive-fonts-recommended        2016.20170123-5                   all          TeX Live: Recommended fonts
ii  texlive-latex-base               2016.20170123-5                   all          TeX Live: LaTeX fundamental packages
ii  texlive-latex-extra              2016.20170123-5                   all          TeX Live: LaTeX additional packages
ii  texlive-latex-recommended        2016.20170123-5                   all          TeX Live: LaTeX recommended packages
ii  texlive-pictures                 2016.20170123-5                   all          TeX Live: Graphics, pictures, diagrams
bjoernricks commented 5 years ago

I've moved this issue from gsa to gvmd because report formats are provided by gvmd.

rmaxwell72 commented 4 years ago

This is still an issue, has there been an workaround or fix to this?

greatquux commented 4 years ago

Also an issue with 9.0.0. root@openvas:/# gvmd --version Greenbone Vulnerability Manager 9.0.0 Manager DB revision 221

root@openvas:/etc/redis# dpkg -l | grep texlive ii texlive-base 2017.20180305-1 all TeX Live: Essential programs and files ii texlive-binaries 2017.20170613.44572-8ubuntu0.1 amd64 Binaries for TeX Live ii texlive-fonts-extra 2017.20180305-2 all TeX Live: Additional fonts ii texlive-fonts-extra-links 2017.20180305-2 all TeX Live: ii texlive-fonts-recommended 2017.20180305-1 all TeX Live: Recommended fonts ii texlive-latex-base 2017.20180305-1 all TeX Live: LaTeX fundamental packages ii texlive-latex-extra 2017.20180305-2 all TeX Live: LaTeX additional packages ii texlive-latex-recommended 2017.20180305-1 all TeX Live: LaTeX recommended packages ii texlive-pictures 2017.20180305-1 all TeX Live: Graphics, pictures, diagrams

image

bjoernricks commented 4 years ago

There is already a newer release 9.0.1. Maybe this is fixed in the release.

greatquux commented 4 years ago

I wound up compiling everything in gvm-11.0.1 (it would be nice to sync the version numbers of the components) and it does actually export the results now, though the Summary is still broken as above.
Also, PDF export is kinda fragile... at first I got 0-byte PDF files despite having all fonts and scripts installed. I had to to turn debugging mode on at level=128 just to see that the generate script couldn't overwrite a file /tmp/err.log because it was owned by nobody, once I removed it, PDF export worked. Why can't we just have everything run as root again? :) Any ideas on how to go about troubleshooting the Summary issue above?

bjoernricks commented 4 years ago

it would be nice to sync the version numbers of the components)

Of course. GVM 11 is the last version with this numbering scheme. The next version will use calendar versioning. This is already in place in all master branches of our components.

acosonic commented 4 years ago

For me, the problem resolved after installing missing fonts and imagemagick inside docker container running Ubuntu, which had gsa installed...

apt install imagemagick texlive-fonts-recommended

Schadrac96 commented 4 years ago

Hello dear computer scientists, I congratulate you very much on this subject. As I read what you did, I thought to myself that you can help me. I just want to know if there is a possibility to automatically export the report of vulnerabilities detected by GVM? I am working on an automatic vulnerability correction solution with GVM and ANSIBLE.

cfi-gb commented 4 years ago

@Schadrac96 Please note that this issue tracker is used for reporting and tracking bugs in GVM and shouldn't be used to ask random usage questions (especially not in open issues completely unrelated to the asked question).

If you have questions on the usage of GVM or one of its components please raise your question at https://community.greenbone.net/

Thanks.

bmomartins commented 3 years ago

For me, the problem resolved after installing missing fonts and imagemagick inside docker container running Ubuntu, which had gsa installed...

apt install imagemagick texlive-fonts-recommended

Worked for me, thanks!

nigerninja commented 2 years ago

Cross posting from CVE report has no host result greenbone/gvmd#1894 as it seems the issued is not truly resolved.

Please any help resolving this? Dependencies / packages from greenbone/gvmd#467 are installed as well and other formats export properly, thanks.

gsad --version
Greenbone Security Assistant 21.4.4

gvmd --version
Greenbone Vulnerability Manager 21.4.5
Manager DB revision 242
Copyright (C) 2009-2021 Greenbone Networks GmbH
License: AGPL-3.0-or-later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

cat /etc/debian_version
kali-rolling

cat /etc/*-release
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
ID=kali
VERSION="2022.1"
VERSION_ID="2022.1"
VERSION_CODENAME="kali-rolling"
ID_LIKE=debian
ANSI_COLOR="1;31"
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"

dpkg -l | grep texlive
ii  texlive-base                                     2021.20220204-1                      all          TeX Live: Essential programs and files
ii  texlive-bibtex-extra                             2021.20220204-1                      all          TeX Live: BibTeX additional styles
ii  texlive-binaries                                 2021.20210626.59705-1                amd64        Binaries for TeX Live
ii  texlive-extra-utils                              2021.20220204-1                      all          TeX Live: TeX auxiliary programs
ii  texlive-font-utils                               2021.20220204-1                      all          TeX Live: Graphics and font utilities
ii  texlive-fonts-extra                              2021.20220204-1                      all          TeX Live: Additional fonts
ii  texlive-fonts-extra-doc                          2021.20220204-1                      all          TeX Live: Documentation files for texlive-fonts-extra
ii  texlive-fonts-extra-links                        2021.20220204-1                      all          TeX Live: Setup of fonts for TeX Live and search via kpathsea
ii  texlive-fonts-recommended                        2021.20220204-1                      all          TeX Live: Recommended fonts
ii  texlive-fonts-recommended-doc                    2021.20220204-1                      all          TeX Live: Documentation files for texlive-fonts-recommended
ii  texlive-formats-extra                            2021.20220204-1                      all          TeX Live: Additional formats
ii  texlive-full                                     2021.20220204-1                      all          TeX Live: metapackage pulling in all components of TeX Live
ii  texlive-games                                    2021.20220204-1                      all          TeX Live: Games typesetting
ii  texlive-humanities                               2021.20220204-1                      all          TeX Live: Humanities packages
ii  texlive-humanities-doc                           2021.20220204-1                      all          TeX Live: Documentation files for texlive-humanities
ii  texlive-lang-arabic                              2021.20220204-1                      all          TeX Live: Arabic
ii  texlive-lang-chinese                             2021.20220204-1                      all          TeX Live: Chinese
ii  texlive-lang-cjk                                 2021.20220204-1                      all          TeX Live: Chinese/Japanese/Korean (base)
ii  texlive-lang-cyrillic                            2021.20220204-1                      all          TeX Live: Cyrillic
ii  texlive-lang-czechslovak                         2021.20220204-1                      all          TeX Live: Czech/Slovak
ii  texlive-lang-english                             2021.20220204-1                      all          TeX Live: US and UK English
ii  texlive-lang-european                            2021.20220204-1                      all          TeX Live: Other European languages
ii  texlive-lang-french                              2021.20220204-1                      all          TeX Live: French
ii  texlive-lang-german                              2021.20220204-1                      all          TeX Live: German
ii  texlive-lang-greek                               2021.20220204-1                      all          TeX Live: Greek
ii  texlive-lang-italian                             2021.20220204-1                      all          TeX Live: Italian
ii  texlive-lang-japanese                            2021.20220204-1                      all          TeX Live: Japanese
ii  texlive-lang-korean                              2021.20220204-1                      all          TeX Live: Korean
ii  texlive-lang-other                               2021.20220204-1                      all          TeX Live: Other languages
ii  texlive-lang-polish                              2021.20220204-1                      all          TeX Live: Polish
ii  texlive-lang-portuguese                          2021.20220204-1                      all          TeX Live: Portuguese
ii  texlive-lang-spanish                             2021.20220204-1                      all          TeX Live: Spanish
ii  texlive-latex-base                               2021.20220204-1                      all          TeX Live: LaTeX fundamental packages
ii  texlive-latex-base-doc                           2021.20220204-1                      all          TeX Live: Documentation files for texlive-latex-base
ii  texlive-latex-extra                              2021.20220204-1                      all          TeX Live: LaTeX additional packages
ii  texlive-latex-extra-doc                          2021.20220204-1                      all          TeX Live: Documentation files for texlive-latex-extra
ii  texlive-latex-recommended                        2021.20220204-1                      all          TeX Live: LaTeX recommended packages
ii  texlive-latex-recommended-doc                    2021.20220204-1                      all          TeX Live: Documentation files for texlive-latex-recommended
ii  texlive-luatex                                   2021.20220204-1                      all          TeX Live: LuaTeX packages
ii  texlive-metapost                                 2021.20220204-1                      all          TeX Live: MetaPost and Metafont packages
ii  texlive-metapost-doc                             2021.20220204-1                      all          TeX Live: Documentation files for texlive-metapost
ii  texlive-music                                    2021.20220204-1                      all          TeX Live: Music packages
ii  texlive-pictures                                 2021.20220204-1                      all          TeX Live: Graphics, pictures, diagrams
ii  texlive-pictures-doc                             2021.20220204-1                      all          TeX Live: Documentation files for texlive-pictures
ii  texlive-plain-generic                            2021.20220204-1                      all          TeX Live: Plain (La)TeX packages
ii  texlive-pstricks                                 2021.20220204-1                      all          TeX Live: PSTricks
ii  texlive-pstricks-doc                             2021.20220204-1                      all          TeX Live: Documentation files for texlive-pstricks
ii  texlive-publishers                               2021.20220204-1                      all          TeX Live: Publisher styles, theses, etc.
ii  texlive-publishers-doc                           2021.20220204-1                      all          TeX Live: Documentation files for texlive-publishers
ii  texlive-science                                  2021.20220204-1                      all          TeX Live: Mathematics, natural sciences, computer science packages
ii  texlive-science-doc                              2021.20220204-1                      all          TeX Live: Documentation files for texlive-science
ii  texlive-xetex                                    2021.20220204-1                      all          TeX Live: XeTeX and packages