GVM-21.4.1 on Kali Linux Not finding Known Vulnerabilities

I installed Gvm on Vmware. I am using Full and Fast also I have chosen neither the ports lists “All IANA assigned TCP” and the “All IANA assigned TCP and UDP”. As Alive test chosen Scan Config Default and OpenVAS Default then I started to scan but nothing find any vulnerabilities. By the way before scan I made sudo apt update and sudo apt full-upgrade to made OS upto date. Then also i updated GVM feed with this command sudo gvm-feed-update. But when I started to scan with one vulnerable system but nothning find. High, Medium and Low are ZERO. Log column is 5 and false positive column is zero. I could noy make vulnerability scan since 14 days. If someone help me I really be appraciate.

More info:
Alive Test: Consider Alive (was not able to find machine using “Scan Config Default”)
Scan Type: OpenVAS Default

Just a guess, but is a port scanner (e.g. Nmap) selected? Otherwise I think as well that there are some connection problems to reach the target.

thank you but there is not connection issue. After upgrade my kali thats happened. I have several time scan my system without any problem.

gvm-check-setup 21.4.1
Test completeness and readiness of GVM-21.4.1
Step 1: Checking OpenVAS (Scanner)…
OK: OpenVAS Scanner is present in version 21.4.1.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 74896 NVTs.
Checking that the obsolete redis database has been removed
OK: No old Redis DB
OK: ospd-OpenVAS is present in version 21.4.1.
Step 2: Checking GVMD Manager …
OK: GVM Manager (gvmd) is present in version 21.4.2.
Step 3: Checking Certificates …
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data …
OK: SCAP data found in /var/lib/gvm/scap-data.
OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user …
OK: Postgresql version and default port are OK.
gvmd | _gvm | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) …
Oops, secure memory pool already initialized
OK: Greenbone Security Assistant is present in version 21.4.1~dev1.
Step 7: Checking if GVM services are up and running …
OK: ospd-openvas service is active.
OK: gvmd service is active.
OK: greenbone-security-assistant service is active.
Step 8: Checking few other requirements…
OK: nmap is present in version 21.4.1~dev1.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
OK: xsltproc found.
WARNING: Your password policy is empty.
SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.

It seems like your GVM-21.4.1 installation is OK.

I have split this topic from GSM Trial Not finding Known Vulnerabilities Metasploitable.

A GVM installation on Kali Linux is not the same as the GSM TRIAL.

1 Like