Bug#343487: nessusd: cannot connect to 2.2.5-3 server

Subject:	Bug#343487: nessusd: cannot connect to 2.2.5-3 server
From:	Marc Haber
Date:	Thu, 15 Dec 2005 18:50:22 +0100
Newsgroups:	linux.debian.bugs.dist

On Thu, Dec 15, 2005 at 06:20:01PM +0100, Javier Fernández-Sanguino Peña wrote:
> On Thu, Dec 15, 2005 at 05:17:36PM +0100, Marc Haber wrote:
> > A recompiled 2.2.5-3 on current sid exhibit the same behavior.
> > 
> > I suspect some library issue.
> 
> Yes, that looks like an SSL error due to incompatibilies with the libraries.
> 
> > What i find strange: ldd of the working (2.2.5-2) daemon shows that
> > it's linked to both libssl.so.0.9.8 and libssl.so.0.9.7, while the
> 
> Strange, my working 2.2.5-2 daemon says:
> ~$ ldd /usr/sbin/nessusd |grep ssl
>         libssl.so.0.9.7 => /usr/lib/i686/cmov/libssl.so.0.9.7 (0x40115000)
> 
> > non-working (3.2.5-3) daemon is only linked against libssl.so.0.9.7.
> 
> No, it's the other way around:
> 
> $ ldd 
> debian/security/nessus/packages/nessus-core-2.2.5/debian/nessusd/usr/sbin/nessusd
> |grep ssl
>         libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 (0x40115000)
>         libssl.so.0.9.7 => /usr/lib/i686/cmov/libssl.so.0.9.7 (0x403b4000)

NACK.

[2/68]mh@scyw00225[chroot sid]:~$ dpkg --list nessusd
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name           Version        Description
+++-==============-==============-============================================
ii  nessusd        2.2.5-3        Remote network security auditor, the server
[3/69]mh@scyw00225[chroot sid]:~$ ldd /usr/sbin/nessusd | grep ssl
        libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 (0xb7ea9000)
[6/72]mh@scyw00225[chroot sid]:~$ sudo aptitude install nessusd/unstable
<snip>
[7/73]mh@scyw00225[chroot sid]:~$ dpkg --list nessusd
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name           Version        Description
+++-==============-==============-============================================
ii  nessusd        2.2.5-2        Remote network security auditor, the server
[8/74]mh@scyw00225[chroot sid]:~$ ldd /usr/sbin/nessusd | grep ssl
        libssl.so.0.9.7 => /usr/lib/i686/cmov/libssl.so.0.9.7 (0xb7dd9000)
        libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 (0xb7b4e000)

> And the client (2.2.5-2) says
> $ ldd /usr/bin/nessus |grep ssl
>         libssl.so.0.9.7 => /usr/lib/i686/cmov/libssl.so.0.9.7 (0x400e1000)

Confirmed. 

> I guess recompiling the nessusd package should fix this issue.

Not on current sid, already tried that:
[13/79]mh@scyw00225[chroot sid]:~$ dpkg --list nessusd
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name           Version        Description
+++-==============-==============-============================================
ii  nessusd        2.2.5-2+zg1    Remote network security auditor, the server
[14/80]mh@scyw00225[chroot sid]:~$ ldd /usr/sbin/nessusd | grep ssl
        libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 (0xb7dfc000)
[15/81]mh@scyw00225[chroot sid]:~$

That's a non working daemon, built in a fairly minimal chroot of
current sid with nessus-core's build dependencies installed.

> > This is kind of important as there does not seem to be a possibility
> > to legally use nessus built from Debian with a registered plugin feed
> > at the moment.
> 
> Er, this is completely unrelated (and not true). See
> /usr/share/doc/nessus-plugins/README.rebuild.Debian

Ah. I have been looking for that readme inside the nessus or
nessusd packages. Btw, the nessus_2.2.5.orig.tar.gz differs from
what's downloadeable from the nessus web site. Additionally, following
this procedure produces a non-working nessusd package on current sid.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

<Prev in Thread]	Current Thread	[Next in Thread>
Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Marc Haber Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Javier Fernández-Sanguino Peña Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Marc Haber <= Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Javier Fernández-Sanguino Peña Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Marc Haber Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Javier Fernández-Sanguino Peña Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Marc Haber Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Javier Fernández-Sanguino Peña Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Steve Langasek Message not available Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Steve Langasek Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Javier Fernández-Sanguino Peña Message not available Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Steve Langasek

Previous by Date:	Bug#343501: libgtkgl2.0-dev: update README.Debian, A Mennucc
Next by Date:	Bug#329231: Qt change brings to light bug in kst, Josh Metzler
Previous by Thread:	Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Javier Fernández-Sanguino Peña
Next by Thread:	Bug#343487: nessusd: cannot connect to 2.2.5-3 server, Javier Fernández-Sanguino Peña
Indexes:	[Date] [Thread] [Top] [All Lists]