Nessus 3.2.1 Released – New Report Filtering Features Added

May 30, 2008 – 8:35 PM

Tenable Network Security has released version 3.2.1 of the Nessus vulnerability scanner. This point release includes a variety of small bug fixes as well as a new report filtering interface for the Nessus client. This blog entry will discuss the new Nessus features, bug fixes and reporting filters for the Nessus Client.

Nessus Release Notes

New features

  • New multi-criteria report filter in NessusClient. There is more on this later in the blog.
  • On Mac OS X, it is now possible to authenticate with NessusClient to a remote Nessus server via a SSL certificate
  • New NASL functions – bn_dec2raw(), bn_raw2dec(), bn_hex2raw(), bn_raw2hex(), rsa_public_encrypt(), rsa_private_encrypt() and rsa_private_decrypt()
  • New options in nessusd.conf : ‘enable_listen_ipv4’ and ‘enable_listen_ipv6’ let the user disable IPv4 and IPv6 bindings
  • Builds for Ubuntu Linux 8.04 and Fedora 9
  • Support for Windows 2000

Bug fixes in this release

‘nessus’ command-line client :

  • report entries longer than 16Kb would be truncated
  • When exporting a report to the .nessus format, some report entries could sometimes be truncated
  • When exporting a report to the .nessus format, backslashes would not be properly escaped

Nessus server :

  • Fixed a concurrency issue when too many threads write to the plugin database
  • On Solaris, SIGCHLD signals would not always be properly handled, thus leaving zombie processes
  • Fixed a segmentation fault in nasl occurring on 64 bits systems

Nessus client :

  • When searching for plugins, the filtering interface now works as expected

Plugins :

  • ssl_ciphers.nes has been removed in favor of the new ssl_ciphers.nasl
  • Fixed a segmentation fault in nessus_tcp_scanner.nes

Packaging :

  • The %uninstall section of the RPMs contained a bug which would force users doing an upgrade to call ‘chkconfig nessusd on’ manually. Due to the nature of this bug, be sure to call ‘chkconfig nessusd on’ when upgrading from 3.x.y to 3.2.1
  • The Debian 4 i386 build was incorrectly registering itself as x86-64, thus breaking ‘nessus-update’ on Debian 4 i386

Download here:
http://www.nessus.org/download/

You must be logged in to post a comment.