{"id":876,"date":"2014-06-15T14:30:46","date_gmt":"2014-06-15T12:30:46","guid":{"rendered":"http:\/\/blog.schmoigl-online.de\/?p=876"},"modified":"2014-06-15T14:35:33","modified_gmt":"2014-06-15T12:35:33","slug":"openvas-broken-debian-installer-packages","status":"publish","type":"post","link":"http:\/\/blog.schmoigl-online.de\/?p=876","title":{"rendered":"OpenVAS &#8211; Broken Debian Installer Packages"},"content":{"rendered":"<p>Recently, I have read an article in a computer magazine on the vulnerability scanner <a href=\"http:\/\/www.openvas.org\/index.html\">OpenVAS<\/a>. It sounded interesting and that was why I wanted to try it out. OpenVAS provides a <a href=\"http:\/\/www.openvas.org\/vm.html\">live virtual appliance container file<\/a> for demo purposes. Trying to install it into a VMWare Player, I was not able to get it running. As it appeared to be related to an incompatible library on the image, I decided to install a new <a href=\"https:\/\/www.debian.org\/News\/2014\/20140426\">Debian 7.5 Wheezy<\/a> image as VM. All the steps necessary for install and setup can be found on <a href=\"http:\/\/www.openvas.org\/install-packages-v6.html#openvas_debian_obs\">the OpenVAS website<\/a>. <!--more--><br \/>\nOne of the crucial steps in between is to run<\/p>\n<pre>\r\nopenvas-certdata-sync\r\n<\/pre>\n<p>which updates the cert database. Without it, you won&#8217;t be able to start the <code>openvas-scanner<\/code> service. It would fail with the error message<\/p>\n<pre>\r\nsql_x: sqlite3_prepare failed: no such table: main.meta\r\n<\/pre>\n<p>in the log file <code>\/var\/log\/openvas\/openvasmd.log<\/code>. However, when running <code>openvas-certdata-sync<\/code>, you will get another block of error messages, reading<\/p>\n<pre>\r\n\/usr\/sbin\/openvas-certdata-sync: 185: \/usr\/sbin\/openvas-certdata-sync: cannot open \/usr\/share\/openvas\/cert\/cert_db_init.sql: No such file\r\nError: no such table: dfn_cert_advs\r\nError: no such table: meta\r\nError: Inconsistent data. Resetting CERT database.\r\n<\/pre>\n<p>This problem has already been addressed by the <a href=\"https:\/\/bugzilla.novell.com\/show_bug.cgi?id=833235#c0\">Novell Bugzilla<\/a> since August, 2013, but has not been fixed yet. Futhermore, there are many other reports of this issue in several forums and mailing lists. <\/p>\n<p>The root cause of this matter is that the Debian software package <code>openvas-manager<\/code> is missing the files in <code>\/usr\/share\/openvas\/cert\/<\/code>. These files, however, are available in the <a href=\"http:\/\/mirrord.binarysignals.net\/OpenVAS-6-DEMO-3.0.ova\">VM container file<\/a>. Unfortunately, extracting and copying them over to your installation may be a bit tricky; that is why I have bundled them for you in a file attached to this blog. You may download the file and extract it via<\/p>\n<pre>\r\ncd \/usr\/share\/openvas\r\nmkdir cert\r\ncd cert\r\nwget http:\/\/blog.schmoigl-online.de\/?dl_id=5\r\ntar xzvf openvas-cert.tar.gz\r\nrm openvas-cert.tar.gz\r\n<\/pre>\n<p>onto you local machine. <p><img decoding=\"async\" src=\"http:\/\/blog.schmoigl-online.de\/wp-content\/plugins\/wp-downloadmanager\/images\/ext\/unknown.gif\" alt=\"\" title=\"\" style=\"vertical-align: middle;\" \/>&nbsp;&nbsp;<strong><a href=\"http:\/\/blog.schmoigl-online.de\/?dl_id=5\">OpenVAS metadata files for cert directory<\/a><\/strong> (2.0 KiB, 2,685 hits)<\/p> Afterwards, you need to run<\/p>\n<pre>\r\nopenvas-certdata-sync\r\n<\/pre>\n<p>again.<\/p>\n<p>It&#8217;s a shame that a bug report has been open for more than 10 months now, causing that no Debian distribution will run out of the box anymore, and has not been &#8211; even &#8211; addressed yet.<br \/>\nIf that is representative for the reliability of a security product, should you really run it in your network?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Due to a bug in the debian package of OpenVAS 6, the files in \/usr\/share\/openvas\/cert\/ are missing (&#8220;no such file&#8221;). It is being explained how to fix it.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-876","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=\/wp\/v2\/posts\/876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=876"}],"version-history":[{"count":17,"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=\/wp\/v2\/posts\/876\/revisions"}],"predecessor-version":[{"id":894,"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=\/wp\/v2\/posts\/876\/revisions\/894"}],"wp:attachment":[{"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=876"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.schmoigl-online.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}