GVM-21.4.1 on Kali Linux Not finding Known Vulnerabilities

I installed Gvm on Vmware. I am using Full and Fast also I have chosen neither the ports lists “All IANA assigned TCP” and the “All IANA assigned TCP and UDP”. As Alive test chosen Scan Config Default and OpenVAS Default then I started to scan but nothing find any vulnerabilities. By the way before scan I made sudo apt update and sudo apt full-upgrade to made OS upto date. Then also i updated GVM feed with this command sudo gvm-feed-update. But when I started to scan with one vulnerable system but nothning find. High, Medium and Low are ZERO. Log column is 5 and false positive column is zero. I could noy make vulnerability scan since 14 days. If someone help me I really be appraciate.

More info:
Alive Test: Consider Alive (was not able to find machine using “Scan Config Default”)
Scan Type: OpenVAS Default

Just a guess, but is a port scanner (e.g. Nmap) selected? Otherwise I think as well that there are some connection problems to reach the target.

thank you but there is not connection issue. After upgrade my kali thats happened. I have several time scan my system without any problem.

gvm-check-setup 21.4.1
Test completeness and readiness of GVM-21.4.1
Step 1: Checking OpenVAS (Scanner)…
OK: OpenVAS Scanner is present in version 21.4.1.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 74896 NVTs.
Checking that the obsolete redis database has been removed
OK: No old Redis DB
OK: ospd-OpenVAS is present in version 21.4.1.
Step 2: Checking GVMD Manager …
OK: GVM Manager (gvmd) is present in version 21.4.2.
Step 3: Checking Certificates …
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data …
OK: SCAP data found in /var/lib/gvm/scap-data.
OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user …
OK: Postgresql version and default port are OK.
gvmd | _gvm | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) …
Oops, secure memory pool already initialized
OK: Greenbone Security Assistant is present in version 21.4.1~dev1.
Step 7: Checking if GVM services are up and running …
OK: ospd-openvas service is active.
OK: gvmd service is active.
OK: greenbone-security-assistant service is active.
Step 8: Checking few other requirements…
OK: nmap is present in version 21.4.1~dev1.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
OK: xsltproc found.
WARNING: Your password policy is empty.
SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.

It seems like your GVM-21.4.1 installation is OK.

1 Like

I have split this topic from GSM Trial Not finding Known Vulnerabilities Metasploitable.

A GVM installation on Kali Linux is not the same as the GSM TRIAL.

1 Like

I am also having this problem, it has taken many days of issues getting setup, and then however many more of trying to get NVEs to load.

I created a number of hosts with known vulnerabilities and confirmed from the GVM host it can ping, as well as curl etc. all ports and IPs in scope.

Now I’ve “Full and fast” scanned the network range and it has come back with “Log: 3” as the only results, saying that Traceroutes are successful, but cannot determine any OS or Hostname?