Tenable Network Security has released version 4.0.1 of the Nessus vulnerability scanner. This point release includes a variety of minor bug fixes as well as support for additional authentication schemes.
Here’s a summary of some of the fixes and improvements:
- Fixed memory & register leaks in NASL
- nessus-fetch now supports Basic, Digest, and NTLM proxy authentication schemes
- The timeout for NessusClient TCP socket was too low and has been increased
- The ‘nessus’ cmd line tool would sometimes leave temporary files on the filesystem
- Improved performance for reverse DNS lookups
- Knowledge Base files would sometimes not be created for targets where the user specified a hostname
- Pinging a remote host would sometimes fail if the ARP address of the gateway was not in the local cache
- On some configurations registration would not complete
- ‘Manage users’ would not change the users passwords
- NessusClient would sometimes close a modified report without asking to save first
- The Nessus server now runs on Windows 7. However, Windows 7 is not officially supported at this time. Features such as packet forgery are not yet functioning.
Mac OS X
- In some cases Nessus would not work on Mac OS X 10.4
- NessusClient would display the IP addresses of the target in reverse order on Mac OS X PPC.
- On Linux 64-bit versions, Nessus would generate error messages in dmesg.