A specific NVT absent from NVT feed

solved

#1

Hi everyone,

After doing quite a bit of scanning and comparison with other tools such as Nessus and Nexpose, I’m detecting some anomaly that is freaking me out.

###########
111802 CVE-2017-10378 7.5 High 10.200.33.83 tcp 0 RHEL 7 : mariadb (RHSA-2018:2439)
###########

This, is detected from both Nessus and Nexpose. OpenVAS, did not detect this pretty critical vulnerability.

I did a quick NVT database check on the GUI. So I did the intuitive search: within redhat NVT family, with mariadb as the keyword. Yes there were NVT, but those NVT are 2016.

Now I think you know where I am coming from, so if anyone could tell me how I can properly verify that either:

  1. I did the setup incorrectly, causing some NVT to not be in the database.
  2. OpenVAS feed does not have these NVT.

Please tell me its the first, and how I can properly verify a correct database setup.

Thanks!


#2

Hi, RedHat is only part of the GSF.


#3

#4

Backgrounds on this was announced last year in a mailing list posting below.

Dear OpenVAS/Greenbone Users,

In early June we announced upcoming feed changes which are now ready to start.

The first change is renaming the public feed from “OpenVAS NVT Feed” to
“Greenbone Community Feed” (GCF) for branding reasons. This has no impact
on functionality and there will be no license change.

The second change is surely awaited by many community users:

We will drop the current 14-day delay for the Community Feed and switch to a
daily up-to-date scheme. This includes immediate availability of “Hot NVTs”
which address security problems running fast through the Internet and through
the news. Also, reported patches/improvements will become available much
sooner.

However, we will stop adding features for large enterprise environments. We
will not remove such NVTs from the current community feed, so you will not get
inconsistent scan results for them. Naturally, the gap between GCF and GSF
regarding enterprise features will grow over time.

We think this a good balance between community needs and commercial needs.

We will change the publication scheme on September 4th, 2017.

http://lists.wald.intevation.org/pipermail/openvas-announce/2017-August/000204.html