Nessus 4.0.1 released

Tenable Network Security has released version 4.0.1 of the Nessus vulnerability scanner. This point release includes a variety of minor bug fixes as well as support for additional authentication schemes.

Here’s a summary of some of the fixes and improvements:

Generic

  • Fixed memory & register leaks in NASL
  • nessus-fetch now supports Basic, Digest, and NTLM proxy authentication schemes
  • The timeout for NessusClient TCP socket was too low and has been increased
  • The ‘nessus’ cmd line tool would sometimes leave temporary files on the filesystem
  • Improved performance for reverse DNS lookups
  • Knowledge Base files would sometimes not be created for targets where the user specified a hostname
  • Pinging a remote host would sometimes fail if the ARP address of the gateway was not in the local cache

Windows

  • On some configurations registration would not complete
  • ‘Manage users’ would not change the users passwords
  • NessusClient would sometimes close a modified report without asking to save first
  • The Nessus server now runs on Windows 7. However, Windows 7 is not officially supported at this time. Features such as packet forgery are not yet functioning.

Mac OS X

  • In some cases Nessus would not work on Mac OS X 10.4
  • NessusClient would display the IP addresses of the target in reverse order on Mac OS X PPC.

Linux

  • On Linux 64-bit versions, Nessus would generate error messages in dmesg.