OpenVAS release 2.0.0 available

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user frontend. The core is a server component with a set of plugins to test various vulnerabilities in remote systems and applications.

The main changes

  • Initial OVAL Support: OpenVAS 2.0.0 introduces preliminary support for OVAL, the Open Vulnerability and Assessment Language. OVAL is an international, information security, community standard to promote open, standardized and publicly available security content. The OpenVAS server can now execute OVAL files just like its own Network Vulnerability Tests (NVTs) using the OVAL definitions interpreter "ovaldi". While the plain ovaldi tool can only check local systems where it is installed, the combination with OpenVAS enables ovaldi to test any target system for which OpenVAS has collected information. OpenVAS 2.0.0 includes readily available support for Red Hat Enterprise Linux security announcements as published in OVAL format. OVAL support will expand to further platforms.
  • OpenVAS Transfer Protocol (OTP): A comprehensive audit of the Nessus Transfer Protocol (NTP) resulted in numerous improvements and fixes and led to the OpenVAS Transfer Protocol (OTP). Since NTP support was dropped entirely, the 1.0 and 2.0 series of OpenVAS Server and Client cannot operate in mixed mode.
  • Object Identifiers (OIDs): In order to make identifying individual NVTs easier, OpenVAS adopted an OID-based numbering scheme for NVTs. OIDs in OpenVAS will start with the prefix 1.3.6.1.4.1.25623; backward compatibility in server and client has been ensured.
  • 64-bit Support: Intensive work on 64-bit cleanliness has been undertaken. OpenVAS 2.0.0 is expected to be fully 64-bit compatible.
  • Improved GUI Client: The OpenVAS-Client has seen a number of improvements and is now able to display NVT signature information in the GUI and in the various reports. Reporting has been improved as well as localization for various languages (best support in this order: German, Spanish/French, Swedish, Hebrew, Croatian).
  • Bugfixes: Any spotted bugs have been fixed. Please refer to the CHANGES files supplied with the individual modules for details.
  • Code Audit: A large amount of outdated or unused code has been identified and removed or replaced.

Post scriptum

Compliance Mandates

  • Vulnerability Scanner:

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

