Hi, I have a problem with Nexpose. When I want to do a scan (on a site or just on an IP), I have an error: Scan action failed : java.lang.runtimeexception : Error while parsing apple-safari-cve-2017-13866.xml. When I come back to the welcome page of my software, I can see that the scan is running but does not detect anything. In order to stop the scan I have to reboot the computer where Nexpose is installed. Below you can find an extract of the nsc.log:

2018-01-09T23:02:07 [ERROR] [Thread: Scheduled Execution Thread: Daily History Updater [SiloID: default]DailyHistoryJob-default|RiskUpdateJob-default|DailyAssetGroupUpdateJob-default] Entry debian-upgrade-openjdk-8.sol not found in C:\Program Files\rapid7\nexpose\plugins\java\1\DebianDEBScanner\1\solns.jar. Please update to the latest product version.
2018-01-09T23:02:07 [ERROR] [Thread: Scheduled Execution Thread: Daily History Updater [SiloID: default]DailyHistoryJob-default|RiskUpdateJob-default|DailyAssetGroupUpdateJob-default] debian-upgrade-openjdk-8.sol not found. Please update to the latest product version.
2018-01-09T23:02:07 [ERROR] [Thread: Scheduled Execution Thread: Daily History Updater [SiloID: default]DailyHistoryJob-default|RiskUpdateJob-default|DailyAssetGroupUpdateJob-default] Unable to execute scheduled job.

For your information, I have the latest version of Nexpose (Version 6.4.67, Edition Enterprise). Can you help me, please? Thanks in advance.
Regards,
Olivier DONDEYNE +33 5 57 10 95 02
Posted by Olivier Dondeyne about a year ago
I have a Report Template made that shows me the Operating system of the scanned machines, the vulnerabilities, and the solutions to those vulnerabilities. My issue is that the solutions section for each vulnerability shows solutions for every possible operating system. I want it to ONLY show the solution for the operating systems of the machines that the vulnerability was found on. Is this possible?
Posted by Jason Sherman about a year ago
I am looking for a report that will allow me to find the total number of vulns over a period of time and total number of those vulns that have been remediated. The Dashboard card named "New vs. Remediated Vulnerabilities" is similar to what I need. The sql query behind this card should set me on the right path. Can anyone help with this?
Posted by Keith Bruce about a year ago
I've a host on the perimeter and the Nexpose scan is finding vulnerabilities according to the logs, but the web spidering causes the host to time out later in the scan and the scan terminates. The host is then incomplete in the scan results, but the vulnerabilities found earlier in the scan are ignored and not reported in Nexpose. In fact the host doesn't show up in Nexpose, just as an incomplete host in the scan results only. Is Nexpose intended to work like this?
Posted by Matt Joyce about a year ago
Hi, when will the signatures of Meltdown and Spectre patching for CentOS be released? It seems to be fine for Windows, RedHat and others, but no trace for CentOS as far as I can tell. As you can imagine it's rather urgent... Thanks, Olivier
Posted by Olivier Reuland about a year ago
Several hosts continue to fail this check on port 8080. All are running Server version: Apache/2.4.16 (Unix). They have been configured with the recommended remediation steps.

[root@hostname:~] [S1V: 18.104.22.168] [21:38:43] $ grep -i trace /etc/apache2/httpd.conf
TraceEnable off

Debug logs offer no information other than pass/fail. Are there any further steps to be taken to verify this check?
Posted by Casey Tuohey about a year ago
I have a custom .csv report template in Nexpose that uses the "Vulnerability Age" data field. I am trying to write a SQL query that gives me additional data values to what I can get from the default offered in the .csv reports, but I cannot find a value from the SQL tables on https://nexpose.help.rapid7.com/docs/understanding-the-reporting-data-model-overview-and-query-design that matches what is in the .csv report. Can someone tell me what value or calculation is used to generate the Vulnerability Age in the .csv report?
Posted by Jaimie Welborn about a year ago
Hello, I want to ask about the vulnerability "Partition Mounting Weakness", which is detected on our asset after a scan. We do system hardening based on CIS, which contains checks for the options nodev, nosuid and noexec on the /tmp, /var/tmp and /dev/shm partitions. But our problem is that when we scan the same machine using Nexpose, we have the "unix-partition-mounting-weakness" check, which indicates that some issues were discovered, like:

- /run partition does not have 'nodev' option set.
- /home partition does not have 'nosuid' option set.
- /var partition does not have 'nosuid', 'noexec', 'nodev' option set.
- /APP partition does not have 'nodev' option set.
- /var/www partition does not have 'nodev' option set.

Could you please tell us how Nexpose checks these vulnerabilities and what it is based on? Best regards.
Posted by Yasmine about a year ago
So with the proliferation of InsightVM, can customers expect that at some point we will be able to measure our risk score against the average risk score across all industries and specific ones? I think many have challenges at the end of the day confidently explaining the risk score and what it means overall for an organization. The question "well, is this a good thing or a bad thing?" simply cannot be answered with numbers in front of us; however, if it were possible to compare your risk score to the average across specific and across all industry verticals (considering average asset count), I think the risk score would be much easier to digest for the layman.
Posted by Jamal Pecou about a year ago
Hello, Since yesterday I was still able to use my metasploit framework (msfconsole) - but today it's showing the following errors. So I start things with:

~# service postgresql start
~# service metasploit start
Failed to start metasploit.service: Unit metasploit.service not found

After getting the above, I still continue with msfconsole:

~# msfconsole
Failed to connect to the database: could not connect to server: Connection refused
Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 7337?

After the above, I tried suggested solutions over the internet such as msfdb reinit, apt-get and so on. My postgresql is listening to 5432 - so I'm not sure why msfconsole is trying to connect to 7337. Appreciate the help. Thank you, Sam
Posted by Sameer Anwar about a year ago