Missing CVE

I have an issue where I’m running a scan but the scan fails to detect the vulnerable version of Dropbear SSH. It successfully detects Dropbear SSH as well as the version but does not appear to tie this back to the numerous CVEs for it.

Here is a screenshot showing the detection of Dropbear SSH
Annotation 2020-03-07 122044

I did look at the CPE details within GVM for that specific version of Dropbear, and no CVEs are showing for it. However the details from NVD’s site does show associated CVEs for this version of Dropbear: https://nvd.nist.gov/products/cpe/detail/375074?keyword=dropbear&status=FINAL&orderBy=CPEURI&namingFormat=2.3&startIndex=20

I have ensured that my feeds within GVM have been updated and they are currently showing the following:

  • NVT - 2 days old
  • SCAP - 3 days old
  • CERT - 3 days old

GVM versions

gsa: - 9.0.0 (~git-ecc1c6455-gsa-9.0)
gvm: - 9.0.1(~git-690d8ca3-gvmd-9.0)
openvas-scanner: - 7.0.0
gvm-libs: - 11.0.1

Environment

Operating system: - Debian 10.3
Kernel: - 4.19.0-8-amd64
Installation method / source: - source

Did you changed the QoD for this ?

https://docs.greenbone.net/GSM-Manual/gos-6/en/glossary.html#quality-of-detection-qod

Not that I’m aware of. This is a fresh install over GVM and I haven’t made any changes to the data in the feed to the best of my knowledge.

What Lukas means is whether you adjusted the QoD value for the results.

In your scan report head to the “Results” tab and in the top right corner there’s an “Edit Filter” button (a pencil hovering over a piece of paper).
Click it and change the value of QoD to 30. If there are still no results, please let us know.

Cheers

3 Likes

Ah! Thank you that was exactly it. Thank you so much for the help, I really appreciate it. And apologies, I’m still trying to get used to using it.

1 Like

Please note that lowering the QoD might show up results which are prone to false positives against products covered by so called “Backports”. Dropbear SSH is one of such products which is covered by such Backports in most larger Linux Distributions like Debian, Ubuntu, Fedora, CentOS, RHEL etc.

1 Like

No need to apologize, it’s a lot to take in when you’re just getting started. Happy to help.

1 Like