FortiGuard
Fortinet’s Global Threat Intelligence and Research
Courtney_Schwartz
Article Id 196144

Description

With FortiGuard Vulnerability and Compliance Management (VCM) service package version 1.215, FortiScan appliances could be unable to successfully complete a remote vulnerability scan (that is an agentless vulnerability scan).

Log messages indicating the problem show that the scan is being reset:
07:13:42  MessageVM job (Vulnerability_Scan_20111026_063838) has been started manually by admin via GUI

07:13:44  VM scan schedule (Vulnerability_Scan_20111026_063838) has been started by system.

07:14:03  MessageVM schedule (Vulnerability_Scan_20111026_063838) has been reset by system.

This FortiGuard VCM package was included with FortiScan 4.0 MR2 Patch 2 firmware.


Scope

FortiScan with FortiGuard VCM 1.215


Solution

This problem can be resolved by updating the FortiGuard VCM package.

Debug logs for the remote vulnerability scanner are shown below:
[2011-10-13 15:14:35] DEBUG: vm(1792):rvs_util.c:288: _append_to_dynamic_str: plugin_list needs to be expanded. cur_size: 25600
[2011-10-13 15:14:35] DEBUG: vm(1792):rvs_util.c:288: _append_to_dynamic_str: plugin_list needs to be expanded. cur_size: 26624
[2011-10-13 15:14:35] DEBUG: vm(1792):rvs_util.c:288: _append_to_dynamic_str: plugin_list needs to be expanded. cur_size: 27648
[2011-10-13 15:14:35] DEBUG: vm(1792):rvs_util.c:288: _append_to_dynamic_str: plugin_list needs to be expanded. cur_size: 28672
[2011-10-13 15:14:35] DEBUG: vm(1792):task.c:846: before rvs_Scan...
[2011-10-13 15:14:35] DEBUG: vm(1792):task.c:861: load /drive0/private/vuln/lib/engine/flg_rvs.so scan successfully
[2011-10-13 15:14:35] DEBUG: vm(1792):task.c:908: job:Vulnerability_Scan_20111013_151421, host(0):172.17.93.160, 1
[2011-10-13 15:14:35] DEBUG: vm(1792):task.c:1082: rvs_Scan...
[2011-10-13 15:14:45] DEBUG: vm(879):rvsagent.c:429: check_report_tasking...
[2011-10-13 15:14:55] DEBUG: vm(879):rvsagent.c:414: check_tasking...
[2011-10-13 15:14:55] DEBUG: vm(879):task.c:175: Reset the running job [Vulnerability_Scan_20111013_151421]
[2011-10-13 15:14:55] DEBUG: vm(879):rvsagent.c:429: check_report_tasking...
[2011-10-13 15:15:05] DEBUG: vm(879):rvsagent.c:414: check_tasking...
[2011-10-13 15:15:05] DEBUG: vm(879):rvsagent.c:429: check_report_tasking...
[2011-10-13 15:15:15] DEBUG: vm(879):rvsagent.c:414: check_tasking...
[2011-10-13 15:15:15] DEBUG: vm(879):rvsagent.c:429: check_report_tasking...



 

 

Contributors