Testing individual vulnerability tests

pxtak · September 10, 2018, 10:25pm

We’ve recently downloaded an evaluation of OpenVAS for our organization. While OpenVAS returns some vulnerability alerts, it is not picking up some known vulnerabilities on some systems. For example, I installed Adobe Acrobat Reader 11.0.0 without updates, yet I do not get any alerts about these vulnerabilities. Other vulnerability scanners we are testing were able to detect these vulnerabilities.

I would like to understand why these vulnerabilities are not getting detected. Is there a way that I can see the detailed results for a test against a single NVT?

Thanks!

bricks · September 11, 2018, 6:48am

Most likely you didn’t run an local security check against the vulnerable target system. See https://docs.greenbone.net/GSM-Manual/gos-4/en/vulnerabilitymanagement.html#authenticated-scan-using-local-security-checks for details about this topic.

pxtak · September 11, 2018, 3:33pm

Thanks bricks! I had the credentials configured, but I just discovered that Remote Registry was disabled on my test box. Scan in progress, and now I’m seeing the expected alerts.

cfi · September 11, 2018, 4:41pm

As an additional note you should find various info about such authenticated scans and possible issues (if you have credentials configured) as an “Log” entry of the following two NVTs within your report:

SSH: SSH Authenticated Scan Info Consolidation (OID: 1.3.6.1.4.1.25623.1.0.108162)

SMB/Windows: Windows LSC Authenticated Scan Info Consolidation (OID: 1.3.6.1.4.1.25623.1.0.108442)

This is now documented in a separate thread: