search

immauss / openvas

Containers for running the Greenbone Vulnerability Manager. Run as a single container with all services or separate single applications containers via docker-compose.
GNU Affero General Public License v3.0
353 stars 101 forks source link

update_scap_cpes_from_file: Failed to parse element #192

Closed Afaq-Hashmi closed 1 year ago

Afaq-Hashmi commented 1 year ago

Hi Everyone,

I'm experiencing issue in updating my feeds, and I've encountered the below error. Despite attempting to resolve the issue by restarting the containers and creating new ones, I'm consistently faced with this problem. I would greatly appreciate any suggestions or guidance to address this issue effectively.

` noname.xml:669951: parser error : EndTag: '</' not found

^

==> /usr/local/var/log/gvm/gvmd.log <== md manage:WARNING:2023-06-21 12h58.55 UTC:907: update_scap_cpes_from_file: Failed to parse element md manage: INFO:2023-06-21 12h58.58 UTC:1067: update_scap: Updating data from feed md manage: INFO:2023-06-21 12h58.58 UTC:1067: Updating CPEs md main:MESSAGE:2023-06-21 12h59.36 utc:1096: Greenbone Vulnerability Manager version 22.4.2 (DB revision 250) md manage: INFO:2023-06-21 12h59.36 utc:1096: Getting scanners. md main:MESSAGE:2023-06-21 12h59.37 utc:1104: Greenbone Vulnerability Manager version 22.4.2 (DB revision 250) md manage: INFO:2023-06-21 12h59.37 utc:1104: Verifying scanner.

==> /usr/local/var/log/gvm/healthchecks.log <== Healthchecks completed with no issues. noname.xml:669951: parser error : internal error: Huge input lookup ss%5B%5D=security&edition%5B%5D=cre&edition%5B%5D=cee&edition%5B%5D= ^ noname.xml:669951: parser error : attributes construct error

^ noname.xml:669951: parser error : Couldn't find end of Start Tag reference line 669951

^ noname.xml:669951: parser error : EndTag: '</' not found

^

==> /usr/local/var/log/gvm/gvmd.log <== md manage:WARNING:2023-06-21 13h00.27 UTC:1067: update_scap_cpes_from_file: Failed to parse element md manage: INFO:2023-06-21 13h00.37 UTC:1180: update_scap: Updating data from feed md manage: INFO:2023-06-21 13h00.37 UTC:1180: Updating CPEs md main:MESSAGE:2023-06-21 13h00.38 utc:1201: Greenbone Vulnerability Manager version 22.4.2 (DB revision 250) md manage: INFO:2023-06-21 13h00.38 utc:1201: Getting scanners. md main:MESSAGE:2023-06-21 13h00.39 utc:1207: Greenbone Vulnerability Manager version 22.4.2 (DB revision 250) md manage: INFO:2023-06-21 13h00.39 utc:1207: Verifying scanner. `

2023-06-21 17_57_58-Termius - OpenVAS

righter83 commented 1 year ago

Got the same, it was fixed by Greenbone, should be integrated in a new image here: https://github.com/greenbone/gvm-libs/pull/774

Afaq-Hashmi commented 1 year ago

@righter83 Thanks for your reply. Could you please provide me with detailed steps to resolve this issue? I have the latest Docker image from @immauss . Do I need to execute any specific commands within the container to address this problem, or is there another recommended approach?

righter83 commented 1 year ago

@Afaq-Hashmi No idea how to fix it The fix is in the xmlutils.c file but I found only that one in the docker container: ./usr/local/include/gvm/util/xmlutils.h

immauss commented 1 year ago

So that type of fix will require an image rebuild, which I'm in the process doing at the moment. There is 22.4.17-beta which will likely end up as 22.5.01 as the final since the latest on the gvmd in the new image is 22.5. Feel free to give it a try, but know that I've not done much (any) testing on it yet.

-Scott

righter83 commented 1 year ago

Hi @immauss

Thanks I just pulled the beta., The error is gone, thanks for the fix!

Afaq-Hashmi commented 1 year ago

@immauss @righter83 I am getting the below error while running SYNC on the Beta Container.

root@c329d9eca771://scripts# ./sync.sh 
 Pulling NVTs from greenbone
Trying to acquire lock on /var/lib/openvas/feed-update.lock
Acquired lock on /var/lib/openvas/feed-update.lock
⠼ Downloading Notus files from rsync://feed.community.greenbone.net/community/vulnerability-feed/22.04/vt-data/notus/ to 
/var/lib/notus
⠼ Downloading NASL files from rsync://feed.community.greenbone.net/community/vulnerability-feed/22.04/vt-data/nasl/ to 
/var/lib/openvas/plugins
Releasing lock on /var/lib/openvas/feed-update.lock

 Pulling scapdata from greenbone
sh: 1: /usr/local/sbin/greenbone-feed-sync: not found
 Pulling cert-data from greenbone
sh: 1: /usr/local/sbin/greenbone-feed-sync: not found
 Pulling latest GVMD Data from Greenbone
sh: 1: /usr/local/sbin/greenbone-feed-sync: not found

image

righter83 commented 1 year ago

Hmm yes the Scripts are in /usr/local/bin not in /usr/local/sbin Just correct it in /scripts/sync.sh temporary

immauss commented 1 year ago

Thank you!!