Vuln Description doesn't exist in OpenVAS-9 XML #7

@dhoetger

The following error was experienced using GSM Community Edition Version: 4.0.5 VM (corresponds to OpenVAS-9):

root@gsm:~# openvas_to_report -i report-_guid_.xml -o openvas.xlsx
Traceback (most recent call last):
  File "/usr/local/bin/openvas_to_report", line 11, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.4/dist-packages/openvas_to_report/openvas_to_document.py", line 65, in main
    convert(config)
  File "/usr/local/lib/python3.4/dist-packages/openvas_to_report/api.py", line 248, in convert
    openvas_info = openvas_parser(config.input_files, excluded_hosts=excluded_hosts, scope_hosts=scope_hosts)
  File "/usr/local/lib/python3.4/dist-packages/openvas_to_report/libs/parsers/openvas_parser.py", line 185, in openvas_parser
    vuln_description = vuln.find(".//description").text
AttributeError: 'NoneType' object has no attribute 'text'
root@gsm:~# openvas_to_report -i report-02a09a8c-ab70-4246-b13c-9930fb890530.xml -o openvas.xlsx
Traceback (most recent call last):
  File "/usr/local/bin/openvas_to_report", line 11, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.4/dist-packages/openvas_to_report/openvas_to_document.py", line 65, in main
    convert(config)
  File "/usr/local/lib/python3.4/dist-packages/openvas_to_report/api.py", line 248, in convert
    openvas_info = openvas_parser(config.input_files, excluded_hosts=excluded_hosts, scope_hosts=scope_hosts)
  File "/usr/local/lib/python3.4/dist-packages/openvas_to_report/libs/parsers/openvas_parser.py", line 185, in openvas_parser
    vuln_description = vuln.find(".//description").text
AttributeError: 'NoneType' object has no attribute 'text'

Reviewing the generated XML, there is no <description> tag. It appears that everything is now lumped into a <tags> tag which contains several unordered pipe-delimited key-value pairs. Two examples follow:

cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:P/A:N|insight=This script checks expiry dates of certificates associated with SSL/TLS-enabled services on the target and reports whether any have already expired.|solution=Replace the SSL/TLS certificate by a new one.|summary=The remote server&apos;s SSL/TLS certificate has already expired.|solution_type=Mitigation|qod_type=remote_app
cvss_base_vector=AV:N/AC:H/Au:N/C:P/I:N/A:N|summary=The remote host implements TCP timestamps and therefore allows to compute
  the uptime.|vuldetect=Special IP packets are forged and sent with a little delay in between to the
  target IP. The responses are searched for a timestamps. If found, the timestamps are reported.|solution=To disable TCP timestamps on linux add the line &apos;net.ipv4.tcp_timestamps = 0&apos; to
  /etc/sysctl.conf. Execute &apos;sysctl -p&apos; to apply the settings at runtime.

  To disable TCP timestamps on Windows execute &apos;netsh int tcp set global timestamps=disabled&apos;

  Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled.

  The default behavior of the TCP/IP stack on this Systems is to not use the
  Timestamp options when initiating TCP connections, but use them if the TCP peer
  that is initiating communication includes them in their synchronize (SYN) segment.

  See also: http://www.microsoft.com/en-us/download/details.aspx?id=9152|affected=TCP/IPv4 implementations that implement RFC1323.|insight=The remote host implements TCP timestamps, as defined by RFC1323.|impact=A side effect of this feature is that the uptime of the remote
  host can sometimes be computed.|solution_type=Mitigation|qod_type=remote_banner

Replacing "description" with "tags" at openvas_parser.py:185 gets past this issue, but a proper fix will involve some string manipulation (which I might do but I'd want to compare XML and XLSX output from OpenVAS-8 first to ensure I'm retrieving the same data).
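One way to make the lookup tolerate both report layouts, as an added example (not code from openvas_to_report or from the issue author): it parses the pipe-delimited tags string and falls back to its summary key when no description element exists. The function names, the sample XML wrapper elements and the choice of summary as the stand-in for the description are assumptions; the sample is constructed and abbreviated from the strings quoted above.

```python
import re
import xml.etree.ElementTree as ET

# Keys seen in the quoted tag strings: summary, solution, qod_type, ...
KEY_RE = re.compile(r"^[a-z_][a-z0-9_]*$")

def parse_tags(raw):
    """Split 'k1=v1|k2=v2' into a dict; values may contain '=' and newlines."""
    fields, last = {}, None
    for segment in (raw or "").split("|"):
        key, sep, value = segment.partition("=")  # split on the first '=' only
        if sep and KEY_RE.match(key.strip()):
            last = key.strip()
            fields[last] = value
        elif last is not None:
            # No valid key: treat as a literal '|' inside the previous value.
            fields[last] += "|" + segment
    # Collapse the wrapped, indented lines found inside multi-line values.
    return {k: re.sub(r"[ \t]*\n[ \t]*", "\n", v).strip() for k, v in fields.items()}

def vuln_description(vuln):
    """Prefer <description>; fall back to the tags summary; never raise on absence."""
    text = vuln.findtext(".//description")
    if text and text.strip():
        return text.strip()
    return parse_tags(vuln.findtext(".//tags")).get("summary", "")

# Constructed sample, abbreviated from the tag strings quoted in the issue.
# The <results>/<result>/<nvt> wrappers are assumed for illustration.
SAMPLE = """<results>
  <result><nvt><tags>cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:P/A:N|solution=Replace the SSL/TLS certificate by a new one.|summary=The remote server&apos;s SSL/TLS certificate has already expired.|solution_type=Mitigation|qod_type=remote_app</tags></nvt></result>
  <result><nvt><tags>summary=The remote host implements TCP timestamps and therefore allows to compute
  the uptime.|solution=To disable TCP timestamps on linux add the line &apos;net.ipv4.tcp_timestamps = 0&apos; to
  /etc/sysctl.conf.|qod_type=remote_banner</tags></nvt></result>
  <result><description>Legacy text</description></result>
</results>"""

def summaries(xml_text=SAMPLE):
    return [vuln_description(r) for r in ET.fromstring(xml_text).iter("result")]

if __name__ == "__main__":
    for line in summaries():
        print(repr(line))
```

A value that itself contains a pipe followed by text shaped like `key=` cannot be distinguished from a new pair in this format, so such a value would still be split.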
