8.0.1: PQexec failed: ERROR: syntax error at or near "report"

Scans do not end as “Done” at the GSA after upgrading GVM/GSA from 8.0+beta1 to 8.0.1 while they are already finished on the remote scanner (slave) but stay at certain percentages (52% on this example). If the job is run on the local scanner instance (master), the same target ends up “Done”.

I have debugged until the SQL-error on the GVM but uncertain what to do next. I tested the problem with a scanner node with a openvas 6.0.0 and the situation is the same.

Master

GVM versions

gsa: Greenbone Security Assistant 8.0.1
gvm: Greenbone Vulnerability Manager 8.0.1
openvas-scanner: OpenVAS Scanner 6.0.1
gvm-libs: gvm-libs-10.0.1

Environment

Operating system: Debian 9 (Stretch)
Kernel: Linux scanner 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1+deb9u4 (2019-07-19) x86_64 GNU/Linux
Compiled from source

Slave

GVM versions

gvm: Greenbone Vulnerability Manager 8.0.1
openvas-scanner: OpenVAS Scanner 6.0.1
gvm-libs: gvm-libs-10.0.1

Environment

Debian 9 (Stretch)
Linux scanner-01 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1+deb9u4 (2019-07-19) x86_64 GNU/Linux
Compiled from source

Logs

Scanner node (slave) openvassd.log showing finished scan:

sd   main:MESSAGE:2019-08-01 14h35.19 utc:1100: Starts a new scan. Target(s) : scanner-02.testing.domain, with max_hosts = 20 and max_checks = 4
sd   main:MESSAGE:2019-08-01 14h35.19 utc:1117: Testing 192.168.5.91 (Vhosts: scanner-02.testing.domain) [1117]
lib  nasl:MESSAGE:2019-08-01 14h35.54 utc:1227: Function ssh_login called from ssh_proto_version.nasl: Failed to set SSH key type 'rsa-sha2-512': Setting method: no algorithm for method "server host key algo" (rsa-sha2-512)
lib  nasl:MESSAGE:2019-08-01 14h35.54 utc:1227: Function ssh_login called from ssh_proto_version.nasl: Failed to set SSH key type 'rsa-sha2-256': Setting method: no algorithm for method "server host key algo" (rsa-sha2-256)
lib  nasl:MESSAGE:2019-08-01 14h35.54 utc:1227: Function ssh_login called from ssh_proto_version.nasl: Failed to set SSH key type 'ecdsa-sha2-nistp256': Setting method: no algorithm for method "server host key algo" (ecdsa-sha2-nistp256)
sd   main:MESSAGE:2019-08-01 14h37.20 utc:1117: Finished testing 192.168.5.91. Time : 120.90 secs
sd   main:MESSAGE:2019-08-01 14h37.23 utc:1100: Test complete
sd   main:MESSAGE:2019-08-01 14h37.23 utc:1100: Total time to scan all hosts : 126 seconds

Main node (master) gvmd.log showing SQL related error:

md manage:WARNING:2019-08-01 14h35.59 UTC:39143: sql_exec_internal: PQexec failed: ERROR:  syntax error at or near "report"
LINE 1: ...e,  description, uuid, qod, qod_type, result_nvt  report) VA...
                                                             ^
 (7)
md manage:WARNING:2019-08-01 14h35.59 UTC:39143: sql_exec_internal: SQL: INSERT into results (owner, date, task, host, hostname, port,  nvt, nvt_version, severity, type,  description, uuid, qod, qod_type, result_nvt  report) VALUES (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', '22/tcp',  '1.3.6.1.4.1.25623.1.0.10330', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.10330';', '0.0', 'Log Message',  'An ssh server is running on this port', make_uuid (), 80, 'remote_banner',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.10330'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', '22/tcp',  '1.3.6.1.4.1.25623.1.0.10267', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.10267';', '0.0', 'Log Message',  'Remote SSH server banner: SSH-2.0-OpenSSH_7.4
Remote SSH supported authentication: password,publickey
Remote SSH text/login banner: 

LOGO AND DISCLAIMER REMOVED FROM HERE

This is probably:

- OpenSSH

Concluded from remote connection attempt with credentials:

Login:    OpenVAS-VT
Password: OpenVAS-VT', make_uuid (), 80, 'remote_banner',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.10267'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', 'general/tcp',  '1.3.6.1.4.1.25623.1.0.105937', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.105937';', '0.0', 'Log Message',  'No Best matching OS identified. Please see the NVT ''Unknown OS and Service Banner Reporting'' (OID: 1.3.6.1.4.1.25623.1.0.108441) for possible ways to identify this OS.', make_uuid (), 80, 'remote_banner',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.105937'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', 'general/tcp',  '1.3.6.1.4.1.25623.1.0.108577', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.108577';', '0.0', 'Log Message',  'Detected OpenSSH Server

Version:       7.4
Location:      22/tcp
CPE:           cpe:/a:openbsd:openssh:7.4

Concluded from version/product identification result:
SSH-2.0-OpenSSH_7.4', make_uuid (), 80, 'remote_banner',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.108577'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', '22/tcp',  '1.3.6.1.4.1.25623.1.0.105565', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.105565';', '0.0', 'Log Message',  'The following options are supported by the remote ssh service:

kex_algorithms:
curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

server_host_key_algorithms:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519

encryption_algorithms_client_to_server:
aes128-ctr,aes192-ctr,aes256-ctr

encryption_algorithms_server_to_client:
aes128-ctr,aes192-ctr,aes256-ctr

mac_algorithms_client_to_server:
hmac-sha1,umac-64@openssh.com,hmac-ripemd160

mac_algorithms_server_to_client:
hmac-sha1,umac-64@openssh.com,hmac-ripemd160

compression_algorithms_client_to_server:
none,zlib@openssh.com

compression_algorithms_server_to_client:
none,zlib@openssh.com', make_uuid (), 80, 'remote_banner',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.105565'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', 'general/tcp',  '1.3.6.1.4.1.25623.1.0.51662', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.51662';', '0.0', 'Log Message',  'Here is the route from 192.168.5.36 to 192.168.5.91:

192.168.5.36
192.168.5.91', make_uuid (), 80, 'remote_banner',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.51662'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', '22/tcp',  '1.3.6.1.4.1.25623.1.0.813864', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.813864';', '5.0', 'Alarm',  'Installed version: 7.4
Fixed version:     7.8
Installation
path / port:       22/tcp', make_uuid (), 30, 'remote_banner_unreliable',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.813864'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', '22/tcp',  '1.3.6.1.4.1.25623.1.0.812051', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.812051';', '5.0', 'Alarm',  'Installed version: 7.4
Fixed version:     7.6
Installation
path / port:       22/tcp', make_uuid (), 30, 'remote_banner_unreliable',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.812051'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', '22/tcp',  '1.3.6.1.4.1.25623.1.0.813888', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.813888';', '5.0', 'Alarm',  'Installed version: 7.4
Fixed version:     None
Installation
path / port:       22/tcp', make_uuid (), 30, 'remote_banner_unreliable',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.813888'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', '22/tcp',  '1.3.6.1.4.1.25623.1.0.100259', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.100259';', '0.0', 'Log Message',  'The remote SSH Server supports the following SSH Protocol Versions:
1.99
2.0

SSHv2 Fingerprint(s):
ssh-ed25519: a7:af:a7:70:08:1d:81:45:8b:b6:ab:42:7f:8a:cf:ac
ssh-rsa: ff:a6:df:8d:4a:42:18:e7:1a:fc:d5:30:41:16:33:00', make_uuid (), 95, 'remote_active',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.100259'),  196), (2, m_now (), 169, '192.168.5.91', 'scanner-02.testing.domain', 'general/tcp',  '1.3.6.1.4.1.25623.1.0.80091', 'SELECT iso_time (modification_time) FROM nvts WHERE uuid = '1.3.6.1.4.1.25623.1.0.80091';', '2.6', 'Alarm',  'It was detected that the host implements RFC1323.

The following timestamps were retrieved with a delay of 1 seconds in-between:
Packet 1: 22680441
Packet 2: 22681557', make_uuid (), 80, 'remote_banner',  (SELECT id FROM result_nvts WHERE nvt = '1.3.6.1.4.1.25623.1.0.80091'),  196) RETURNING id;
md manage:WARNING:2019-08-01 14h35.59 UTC:39143: next: sql_exec_internal failed
md manage:WARNING:2019-08-01 14h35.59 UTC:39143: manage_cleanup_process_error: Error exit, setting running task to Interrupted
md manage:WARNING:2019-08-01 14h35.59 UTC:39143: sql_exec_internal: PQexec failed: ERROR:  current transaction is aborted, commands ignored until end of transaction block
 (7)
md manage:WARNING:2019-08-01 14h35.59 UTC:39143: sql_exec_internal: SQL: UPDATE reports SET scan_run_status = 13 WHERE id = 196;
md manage:WARNING:2019-08-01 14h35.59 UTC:39143: sqlv: sql_exec_internal failed

I recompiled the older version back on the Master-node while keeping the Slave-node to the current version and the scan results work as expected. No SQL-related entries in the log.

Reverted version details (master):
gsa: Greenbone Security Assistant 8.0.1
gvm: Greenbone Vulnerability Manager 8.0.0
gvm-libs: gvm-libs-10.0.1

Main node (master) gvmd.log:

event task:MESSAGE:2019-08-01 15h47.29 UTC:72615: Task scan01-deb test Clone 1 Clone 1 Clone 2 (8b1f9cf5-d6e9-400c-b717-add3ee3add4d) has been requested to start by admin
event task:MESSAGE:2019-08-01 15h47.55 UTC:72630: Status of task scan01-deb test Clone 1 Clone 1 Clone 2 (8b1f9cf5-d6e9-400c-b717-add3ee3add4d) has changed to Running
event task:MESSAGE:2019-08-01 15h51.42 UTC:72630: Status of task scan01-deb test Clone 1 Clone 1 Clone 2 (8b1f9cf5-d6e9-400c-b717-add3ee3add4d) has changed to Done

I guess we are missing a , before the report here:

INSERT into results (owner, date, task, host, hostname, port, nvt, nvt_version, severity, type, description, uuid, qod, qod_type, result_nvt report)

Opened a GIT issue #657 and supplied partial fix.

2 Likes

Fixes seems to be enabled now:


1 Like