CVE Scan Pdf Report

Archive Greenbone Community Edition
1

I have been using GSE to run vulnerability scans based on OpenVas, which I export as PDF.

Recently I have started to run CVE Scans, which have produced outstanding CVE’s for the affected host.

However, if i select “Download Filtered Report” and select PDF, the usual front page and host information is displayed, but no actual details of the CVE appear or there details.

As a test i have tried a number of the other formats (as opposed to PDF) i.e XML/TXT/CSV and these all display details of the detected CVE.

Is this known behaviour with CVE & PDF reports? or perhaps a new issue?

GVM versions

gsad: (‘Greenbone Security Assistant 21.4.3’)
gvmd: (‘Greenbone Vulnerability Manager 21.4.4, Manager DB revision 242’)
openvas-scanner: (‘OpenVAS 21.4.3’)
gvm-libs: (‘gvm-libs 21.4.3’)

Environment

Operating system:
Kernel: (‘Linux *********amd64 #1 SMP Debian 4.19.208-1 (2021-09-29) x86_64 GNU/Linux’)
Installation method / source: Build from source repositories

2

Hi @ChrisM and welcome to the forum :slight_smile:

I don’t have an answer on that, but I’m bumping your post for visibility (and not to leave it hanging there).

4

Hi @ChrisM,

I know from the docs that different reports have different output (and that varies by product type) but what you’re seeing sounds a bit weird. Something to try if you’d like is to see if it behaves the same way with a different install (like the trial version in a VM) for comparison.

1 Like
5

On Debian 10 & 11 I’ve had similar issues caused by texlive.
Resolution has been to install texlive-full (apt-get -y install texlive-full).

2 Likes
6

Thanks Martin, I’ll give that a go!

1 Like
7

Thank you for the suggestion Martin, but your suggestion has not changed the report.
The missing CVE data is still not displayed after installing texlive-full.

8

Bugger, hope you find a resolution soon.

1 Like
9

Hi DeeAnn,

I have a previous installation of GSE built on Ubuntu and this produces the same results.

GVM versions

gsad: (‘Greenbone Security Assistant 21.04.0’)
gvmd: (‘Greenbone Vulnerability Manager 21.4.0, Manager DB revision 242’)
openvas-scanner: (‘OpenVAS 21.4.1’)
gvm-libs: (‘gvm-libs 21.4.1’)

Environment

Operating system:
Kernel: (‘Linux ********* 5.11.0-1022-aws #23~20.04.1-Ubuntu SMP Mon Nov 15 14:03:19 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux)
Installation method / source: Build from source repositories

10

Hi @ChrisM,

Thank you for checking with a different install and I’ll pass it on to the developers.

11

@ChrisM did you install the additional packages (pretty sure they’re required for PDF exports):

xmlstarlet
texlive-fonts-recommended
texlive-latex-extra

Best regards,
Fredrik

1 Like
12

Thank you Fredrik, but these are already installed.

To clarify, I can successfully export PDF for OpenVas scans, its the content of CVE scans that is the problem.

When i run a CVE scan and select PDF export, no details of the CVE found are displayed within the produced PDF (I do have the front page, and host summary, but no further details). If I export the same scan in other formats (XML/CSV etc) the CVE details are listed as i would expect.

This feels like it is the build file for the PDF, not selecting the CVE details.

13

I have the same issue. @ChrisM Now, Can you export the PDF report? Please give me any suggestions.

14

@Paiii3 for each report format there is generate script:

find / -type f -iname ‘generate’ -print
/var/lib/gvm/gvmd/report_formats/e9958712-28ca-40e7-80a8-072b33353c0a/5057e5cc-b825-11e4-9d0e-28d24461215b/generate
/var/lib/gvm/gvmd/report_formats/e9958712-28ca-40e7-80a8-072b33353c0a/77bd6c4a-1f62-11e1-abf0-406186ea4fc5/generate
/var/lib/gvm/gvmd/report_formats/e9958712-28ca-40e7-80a8-072b33353c0a/c1645568-627a-11e3-a660-406186ea4fc5/generate
/var/lib/gvm/gvmd/report_formats/e9958712-28ca-40e7-80a8-072b33353c0a/a994b278-1f62-11e1-96ac-406186ea4fc5/generate
/var/lib/gvm/gvmd/report_formats/e9958712-28ca-40e7-80a8-072b33353c0a/a3810a62-1f62-11e1-9219-406186ea4fc5/generate
/var/lib/gvm/gvmd/report_formats/e9958712-28ca-40e7-80a8-072b33353c0a/c402cc3e-b531-11e1-9163-406186ea4fc5/generate

for example pdf export:

/var/lib/gvm/gvmd/report_formats/e9958712-28ca-40e7-80a8-072b33353c0a/c402cc3e-b531-11e1-9163-406186ea4fc5/generate

contains this:

TMP=mktemp -d || exit 1

xsltproc ./latex.xsl $1 > ${TMP}/report.tex 2>/tmp/err.out

pdflatex -interaction batchmode -output-directory ${TMP} ${TMP}/report.tex > /dev/null 2>&1

pdflatex -interaction batchmode -output-directory ${TMP} ${TMP}/report.tex > /dev/null 2>&1 &

wait

cat ${TMP}/report.pdf && rm -rf ${TMP}

… you can edit this script like this:

… last line, you can remove the rm -rf command and then check the output file to see what command fails in generate script

cat ${TMP}/report.pdf

sorry. a bit complex :slight_smile:

Eero

1 Like
15

so. I modified script to look like:

TMP=mktemp -d || exit 1

xsltproc ./latex.xsl $1 > ${TMP}/report.tex 2>/tmp/err.out

pdflatex -interaction batchmode -output-directory ${TMP} ${TMP}/report.tex > /dev/null 2>&1

pdflatex -interaction batchmode -output-directory ${TMP} ${TMP}/report.tex > /dev/null 2>&1 &

wait

cat ${TMP}/report.pdf

then I can take look of how it runs:

root@debian-s-4vcpu-8gb-amd-lon1-01:/tmp# ls -ltr /tmp | tail -1
drwx------ 2 gvm gvm 4096 Jun 14 15:54 tmp.Cq5AiVoHD2

root@debian-s-4vcpu-8gb-amd-lon1-01:/tmp/tmp.Cq5AiVoHD2# ls -ltr
total 148
-rw------- 1 gvm gvm 11776 Jun 14 15:54 report.tex
-rw------- 1 gvm gvm 309 Jun 14 15:54 report.toc
-rw------- 1 gvm gvm 229 Jun 14 15:54 report.out
-rw------- 1 gvm gvm 1634 Jun 14 15:54 report.aux
-rw------- 1 gvm gvm 102571 Jun 14 15:54 report.pdf
-rw------- 1 gvm gvm 18161 Jun 14 15:54 report.log

and report.log contains export run. if it contains error, then just fix error installing the needed software and so on…

Eero

1 Like