Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
@comment $NetBSD: PLIST,v 1.3 2002/05/10 13:18:47 frueauf Exp $
|
2000-07-30 13:16:15 +02:00
|
|
|
bin/nessus-build
|
|
|
|
etc/nessus/accounts.txt
|
|
|
|
etc/nessus/queso.conf
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/3com_switches.nasl
|
|
|
|
lib/nessus/plugins/BEA_weblogic_Reveal_Script_Code.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ColdFusion.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/DDI_F5_Default_Support.nasl
|
|
|
|
lib/nessus/plugins/DDI_Netware_Management_Portal.nasl
|
|
|
|
lib/nessus/plugins/DDI_PIX_Firewall_Manager.nasl
|
|
|
|
lib/nessus/plugins/DDI_Unprotected_PCanywhere.nasl
|
|
|
|
lib/nessus/plugins/DDI_Unprotected_SiteScope.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ExAir_dos_advsearch.nasl
|
|
|
|
lib/nessus/plugins/ExAir_dos_query.nasl
|
|
|
|
lib/nessus/plugins/ExAir_dos_search.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/GuildFTPD097.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/IIS_frontpage_DOS.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/LPRng.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/NetSphere.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/Omnihttpd_pro_source_disclosure.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/PC_anywhere.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/PC_anywhere_tcp.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/PGPCert_DoS.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/RA_ssh_detect.nasl
|
|
|
|
lib/nessus/plugins/RA_www_detect.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ShowCode.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/TelSrv_DoS.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/WebSite.nasl
|
|
|
|
lib/nessus/plugins/X.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/a1stats.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/acc.nasl
|
|
|
|
lib/nessus/plugins/accounts.nes
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/admentor_login_flaw.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/afs_version.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/agora.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/aix_ftpd.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/alcatel_adsl.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/alcatel_adsl_firewalling.nasl
|
|
|
|
lib/nessus/plugins/alchemy_eye_http.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/alibaba.nasl
|
|
|
|
lib/nessus/plugins/alibaba_get32.nasl
|
|
|
|
lib/nessus/plugins/alibaba_overflow.nasl
|
|
|
|
lib/nessus/plugins/alibaba_pl.nasl
|
|
|
|
lib/nessus/plugins/alibaba_tst.nasl
|
|
|
|
lib/nessus/plugins/altavista_search.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/amanda_detect.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/amanda_version.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/an_httpd_cgis.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/anaconda.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/anacondaclip.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/analogx.nasl
|
|
|
|
lib/nessus/plugins/analogx_dos.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/analogx_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/annex_dos.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/aolserver_default_password.nasl
|
|
|
|
lib/nessus/plugins/apache_auth_sql_insertion.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/apache_bat_exec.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/apache_dir_listing.nasl
|
|
|
|
lib/nessus/plugins/apache_server_info.nasl
|
|
|
|
lib/nessus/plugins/apache_server_status.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/apache_slash.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/apache_source_asp.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/apache_ssl_overflow.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/apache_username.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/arkeia.nasl
|
|
|
|
lib/nessus/plugins/ascend_kill.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/asip-status.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/asp_net_css.nasl
|
|
|
|
lib/nessus/plugins/asp_net_path_disclosure.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/asp_source_data.nasl
|
|
|
|
lib/nessus/plugins/asp_source_dot.nasl
|
|
|
|
lib/nessus/plugins/ath0_hangup.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/auktion_cgi.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/auth_enabled.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/avengers_news_system_command_execution.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/axent_raptor_dos.nasl
|
|
|
|
lib/nessus/plugins/axis.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/axis_camera.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/backorifice1.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/badblue_directory_traversal.nasl
|
2001-03-10 19:53:39 +01:00
|
|
|
lib/nessus/plugins/basilix_inc_files.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/bb-hist.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/bb-hostsvc.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/bboard.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/bftelnet.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/bftpd_chown.nasl
|
|
|
|
lib/nessus/plugins/bftpd_format_string.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/bigconf.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/bind_authors.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/bind_covert_overflows.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/bind_dnsstorm.nasl
|
|
|
|
lib/nessus/plugins/bind_iquery.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/bind_query.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/bind_version.nasl
|
|
|
|
lib/nessus/plugins/bind_vulnerable.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/bind_zxfr_bug.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/binlogin_overflow_rlogin.nasl
|
|
|
|
lib/nessus/plugins/binlogin_overflow_telnet.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/bizdb1_search.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/blackice_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/bonk.nasl
|
|
|
|
lib/nessus/plugins/bootparamd.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/broadvision_path_disclosure.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/broker_ftp.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/c32.nasl
|
|
|
|
lib/nessus/plugins/ca_unicenter_file_transfer_service.nasl
|
|
|
|
lib/nessus/plugins/ca_unicenter_transport_service.nasl
|
|
|
|
lib/nessus/plugins/cachemgr_cgi.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/calendar.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/campas.nasl
|
|
|
|
lib/nessus/plugins/cassandra_nntp_dos.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/cayman_any_username.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cdk.nasl
|
|
|
|
lib/nessus/plugins/cern_httpd_path.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/cf_debug.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/cfinger_format_bug.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cfinger_search.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/cfinger_version.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cgibin_browsable.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/cgicso_command_execution.nasl
|
|
|
|
lib/nessus/plugins/cgicso_cross_site_scripting.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/cgiforum.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cgitest.nasl
|
|
|
|
lib/nessus/plugins/cgiwrap.nasl
|
|
|
|
lib/nessus/plugins/chameleon_smtpd_overflow.nasl
|
|
|
|
lib/nessus/plugins/chargen.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/check_ports.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/checkpoint.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/cisco-view-source-dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cisco_675.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/cisco_675_http_dos.nasl
|
|
|
|
lib/nessus/plugins/cisco_catalyst.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cisco_dos.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/cisco_http_admin_access.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cisco_http_dos.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/cisco_no_pw.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cmail_overflow.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/cobalt_web_admin_server.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/codered_x.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/cold_fusion_admin_dos.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/commerce_cgi.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/communigatepro_overflow.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/compaq_wbem_detect.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/count_cgi.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/cp-firewall-auth.nasl
|
|
|
|
lib/nessus/plugins/cp-firewall-webauth.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/cross_site_scripting.nasl
|
|
|
|
lib/nessus/plugins/csSearch_cgi.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/csm_helo.nasl
|
|
|
|
lib/nessus/plugins/cvs_detect.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/cvs_in_www.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/cvsweb_shell.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/cvsweb_version.nasl
|
|
|
|
lib/nessus/plugins/dansie_cart.nasl
|
|
|
|
lib/nessus/plugins/daytime.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/db2_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/dbman_cgi.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/dcetest.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/dcforum.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/dcshop_information_disclosure.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/deep_throat.nasl
|
|
|
|
lib/nessus/plugins/delegate_overflow.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/deltaups_detect.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/dhcp.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/directorypro.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/dmail_overflow.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/dns_xfer.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/doc_browsable.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/doc_package_browseable.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/domino.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/domino_default_db.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/domino_fs_config.nasl
|
|
|
|
lib/nessus/plugins/domino_http_dos.nasl
|
|
|
|
lib/nessus/plugins/dragon_ftp.nasl
|
|
|
|
lib/nessus/plugins/dragon_telnet.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/dtspcd.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/dumpenv.nasl
|
|
|
|
lib/nessus/plugins/echo.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/eftp_bufferoverflow.nasl
|
|
|
|
lib/nessus/plugins/eftp_directory_traversal.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/eftp_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/eicon_modem_dos.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/empower_path.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/eserv.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/eshop_information_disclosure.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/eviewer.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/ewave_servlet_upload.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ews.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/exchange_dos.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/exchange_public_folders_information_leak.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ezshopper.nasl
|
|
|
|
lib/nessus/plugins/fakebo.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/faqmanager.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/faxsurvey.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/fcgi_echo.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/find_service.nes
|
|
|
|
lib/nessus/plugins/finger.nasl
|
|
|
|
lib/nessus/plugins/finger_0.nasl
|
|
|
|
lib/nessus/plugins/finger_backdoor.nasl
|
|
|
|
lib/nessus/plugins/finger_cgi.nasl
|
|
|
|
lib/nessus/plugins/finger_dot.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/finger_freebsd.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/finger_redirection.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/finger_solaris_disclosure.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/firewall1_dos.nasl
|
|
|
|
lib/nessus/plugins/formhandler.nasl
|
|
|
|
lib/nessus/plugins/formmail_pl.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/formmail_version_disclosure.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/fp_htimage.nasl
|
|
|
|
lib/nessus/plugins/frontpage.nasl
|
|
|
|
lib/nessus/plugins/frontpage_authors.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/frontpage_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/frontpage_dvwssr.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/frontpage_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/frontpage_shtml.nasl
|
|
|
|
lib/nessus/plugins/ftp_anonymous.nasl
|
|
|
|
lib/nessus/plugins/ftp_backdoor.nasl
|
|
|
|
lib/nessus/plugins/ftp_bounce.nasl
|
|
|
|
lib/nessus/plugins/ftp_bounce_scan.nes
|
|
|
|
lib/nessus/plugins/ftp_check_user.nasl
|
|
|
|
lib/nessus/plugins/ftp_cwd_root.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/ftp_glob_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ftp_overflow.nasl
|
|
|
|
lib/nessus/plugins/ftp_pasv_dos.nasl
|
|
|
|
lib/nessus/plugins/ftp_pasv_on_connect.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/ftp_pl.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/ftp_qnx_stack_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ftp_realpath.nasl
|
|
|
|
lib/nessus/plugins/ftp_root.nasl
|
|
|
|
lib/nessus/plugins/ftp_servu_dos.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/ftp_servu_dos2.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/ftp_servu_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ftp_site_exec.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/ftp_sol_check_user.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/ftp_w98_devname_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ftp_write_dirs.nes
|
|
|
|
lib/nessus/plugins/ftpgate.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/ftpglob.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ftpserver_detect_type_nd_version.nasl
|
|
|
|
lib/nessus/plugins/gatecrasher.nasl
|
|
|
|
lib/nessus/plugins/gauntlet_overflow.nasl
|
|
|
|
lib/nessus/plugins/girlfriend.nasl
|
|
|
|
lib/nessus/plugins/glimpse.nasl
|
|
|
|
lib/nessus/plugins/gnapster_get_file.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/goodtech_ftpd_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/groupwise_overflow.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/groupwise_web_interface_help_hole.nasl
|
|
|
|
lib/nessus/plugins/groupwise_web_interface_htmlver_hole.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/guestbook.nasl
|
|
|
|
lib/nessus/plugins/guestbook_pl.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/guild_ftp.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/handler.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/healthd_detect.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/homefree.nasl
|
|
|
|
lib/nessus/plugins/hotsync.nasl
|
|
|
|
lib/nessus/plugins/hp_printer_display.nasl
|
|
|
|
lib/nessus/plugins/hp_remote_print.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/hpux_ftpd.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/hsweb_location.nasl
|
2001-03-10 19:53:39 +01:00
|
|
|
lib/nessus/plugins/hsx.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/htdig.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/htgrep.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/htmlscript.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/htsearch_config_switch.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/htsearch_location.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/http-rpc-epmap.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/http_ids_evasion.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/http_methods.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/http_version.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/http_w98_devname_dos.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/http_webshopper.nasl
|
|
|
|
lib/nessus/plugins/http_webstore.nasl
|
|
|
|
lib/nessus/plugins/httpd_boa.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/httpd_nobody.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/httpver.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/hydra.nes
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/hyperbomb.nasl
|
|
|
|
lib/nessus/plugins/i2odialogd.nasl
|
|
|
|
lib/nessus/plugins/iChat.nasl
|
|
|
|
lib/nessus/plugins/iParty.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/ibm_server_code.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/icat.nasl
|
|
|
|
lib/nessus/plugins/icecap_default_pw.nasl
|
2001-03-10 19:53:39 +01:00
|
|
|
lib/nessus/plugins/icecast_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/icmp_mask_req.nasl
|
|
|
|
lib/nessus/plugins/icmp_timestamp.nasl
|
|
|
|
lib/nessus/plugins/icq_crash.nasl
|
|
|
|
lib/nessus/plugins/idq_dll.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/ids_evasion.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/iis5_isapi_printer.nasl
|
|
|
|
lib/nessus/plugins/iis5_printer.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/iis_anything_idq.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/iis_asp_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/iis_authentification_manager.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/iis_bdir.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/iis_buffer_overflow.nasl
|
|
|
|
lib/nessus/plugins/iis_crash.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/iis_decode_bug.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/iis_dir_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/iis_dos_ussrback.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/iis_dot_cnf.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/iis_frag_disclosure.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/iis_frontpage_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/iis_ftp_crash.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/iis_htr_isapi.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/iis_ida_isapi.nasl
|
|
|
|
lib/nessus/plugins/iis_isapi_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/iis_malformed_request.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/iis_nat.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/iis_perl_problem.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/iis_propfind2.nasl
|
|
|
|
lib/nessus/plugins/iis_propfind_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/iis_repost_asp.nasl
|
|
|
|
lib/nessus/plugins/iis_samples.nasl
|
|
|
|
lib/nessus/plugins/iis_scripts.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/iis_viewcode.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/iis_webdav_lock_memory_leak.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/iis_xss_404.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/iisadmin.nasl
|
|
|
|
lib/nessus/plugins/imagemap.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/imail_host_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/imail_imapd_overflow.nasl
|
|
|
|
lib/nessus/plugins/imail_imonitor_overflow.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/imap4_rev1_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/imap_overflow.nasl
|
|
|
|
lib/nessus/plugins/imate_overflow.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/imp_session_hijacking.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/in_fingerd.nasl
|
|
|
|
lib/nessus/plugins/info2www.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/informix_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/infosrch.nasl
|
|
|
|
lib/nessus/plugins/inn.nasl
|
|
|
|
lib/nessus/plugins/innd_overflow.nasl
|
|
|
|
lib/nessus/plugins/interscan_dos.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/interscan_vw_cgi.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/iplanet_dir_serv.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/iplanet_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ipop2d.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/ipop2d_readfiles.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ithousemail_bof.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/iws_shtml.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/jj.nasl
|
|
|
|
lib/nessus/plugins/jrun.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/jrun_dir_listing.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/jrun_getdir.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/jserv_execute.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/kazaa_morpheus_detect.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ken_segfault.nasl
|
|
|
|
lib/nessus/plugins/kerberos_overflow.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/krb_pingpong.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/kuang2_the_virus.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/kw_whois.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/labrea.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/land.nasl
|
|
|
|
lib/nessus/plugins/lcdproc_buffer_overflow.nasl
|
|
|
|
lib/nessus/plugins/lcdproc_detect.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/ldap_null_base.nasl
|
|
|
|
lib/nessus/plugins/ldap_null_bind.nasl
|
|
|
|
lib/nessus/plugins/libgtop_daemon.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/linux_tftp.nes
|
|
|
|
lib/nessus/plugins/linux_zero_len_fragment.nasl
|
|
|
|
lib/nessus/plugins/linuxconf_detect.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/lion.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/listrec.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/logins.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/lotus_envid.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/lotus_esmtp_overflow.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/lotus_notes_openserver_disclosure.nasl
|
|
|
|
lib/nessus/plugins/lpd_overflow.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/mailman_webmail.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/mailnews.nasl
|
|
|
|
lib/nessus/plugins/marconi_dos.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/master_index_search.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/mdaemon.nasl
|
|
|
|
lib/nessus/plugins/mdaemon_dos.nasl
|
|
|
|
lib/nessus/plugins/mdaemon_webconfig.nasl
|
|
|
|
lib/nessus/plugins/mdaemon_worldclient.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/mdbms_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/mediahouse_statistics_server.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/mediahouse_statistics_web_server.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/mercure_expn_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/mercure_imap_read_any_file.nasl
|
|
|
|
lib/nessus/plugins/mercure_webview.nasl
|
|
|
|
lib/nessus/plugins/metainfo_mail.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/minivend_view_page.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/miscflood.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/mkilog.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/mod_ssl_overflow.nasl
|
|
|
|
lib/nessus/plugins/mrtg_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ms_index_server.nasl
|
|
|
|
lib/nessus/plugins/msadcs_dll.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/msftp_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/mspws_dotdotdot.nasl
|
|
|
|
lib/nessus/plugins/msql_overflow.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/mssmtp_dos.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/mssql_blank_password.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/mssql_brute_force.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/mssql_ping.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/mssqlserver_detect.nasl
|
|
|
|
lib/nessus/plugins/mssqlserver_dos.nasl
|
|
|
|
lib/nessus/plugins/mstream_agent.nasl
|
|
|
|
lib/nessus/plugins/mstream_handler.nasl
|
|
|
|
lib/nessus/plugins/multicsp_detect.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/multihtml.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/multiple_ftpd_dos.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/mycio_detect.nasl
|
|
|
|
lib/nessus/plugins/mycio_directory_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/mysql_bad_password.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/mysql_flaws.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/mysql_unpassworded.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/mysql_version.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/nai_webshield_info.nasl
|
|
|
|
lib/nessus/plugins/nai_webshield_overflow.nasl
|
|
|
|
lib/nessus/plugins/napster_detect.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/ncacn_http.nasl
|
|
|
|
lib/nessus/plugins/ncbook_cgi.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ncl_items.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/ncl_items_2.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/nds_web_based_browsing.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/nessus_detect.nasl
|
|
|
|
lib/nessus/plugins/nestea.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/netauth.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/netbeans.nasl
|
|
|
|
lib/nessus/plugins/netbios_name_get.nasl
|
|
|
|
lib/nessus/plugins/netbus.nasl
|
|
|
|
lib/nessus/plugins/netbus2.nasl
|
|
|
|
lib/nessus/plugins/netscape_PageServices.nasl
|
|
|
|
lib/nessus/plugins/netscape_accept_overflow.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/netscape_adminpw.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/netscape_crash.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/netscape_entreprise_dot_overflow.nasl
|
|
|
|
lib/nessus/plugins/netscape_entreprise_index.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/netscape_fasttrack.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/netscape_imap_overflow.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/netscape_pop_auth.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/netscape_publishing_expert_psuser.nasl
|
|
|
|
lib/nessus/plugins/netscape_wp_tag.nasl
|
|
|
|
lib/nessus/plugins/netstat.nasl
|
|
|
|
lib/nessus/plugins/newdsn.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/newsdesk.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/nikto_wrapper.nes
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/nimda.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/nis_server.nasl
|
|
|
|
lib/nessus/plugins/nmap_tcp_connect.nes
|
|
|
|
lib/nessus/plugins/nmap_wrapper.nes
|
|
|
|
lib/nessus/plugins/nntpserver_detect.nasl
|
|
|
|
lib/nessus/plugins/no404.nasl
|
|
|
|
lib/nessus/plugins/nortel_cgiproc_dos.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/nortel_pwdless1.nasl
|
|
|
|
lib/nessus/plugins/nortel_pwdless2.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/notes_mta_dos.nasl
|
|
|
|
lib/nessus/plugins/novell_border_manager.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/novell_groupwise_webacc_information_disclosure.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/nph-publish.nasl
|
|
|
|
lib/nessus/plugins/nph-test-cgi.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/nsm_format_strings.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/nt_ftp_guest.nasl
|
|
|
|
lib/nessus/plugins/nt_spam.nasl
|
|
|
|
lib/nessus/plugins/ntalk_detect.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/ntp_open.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/ntp_overflow.nasl
|
|
|
|
lib/nessus/plugins/oas_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/objectserver.nes
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/oops_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/openlink_overflow.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/openssh_231.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/openssh_301.nasl
|
|
|
|
lib/nessus/plugins/openssh_adv_option.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/openssh_channel.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/openssh_uselogin.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/openssh_uselogin_environment.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/oracle9i_XSQLServlet_XSQLConfig.nasl
|
|
|
|
lib/nessus/plugins/oracle9i_apache_dms.nasl
|
|
|
|
lib/nessus/plugins/oracle9i_dad_admin.nasl
|
|
|
|
lib/nessus/plugins/oracle9i_globals_dot_jsa.nasl
|
|
|
|
lib/nessus/plugins/oracle9i_java_process_manager.nasl
|
|
|
|
lib/nessus/plugins/oracle9i_jsp_source.nasl
|
|
|
|
lib/nessus/plugins/oracle9i_mod_plsql_overflow.nasl
|
|
|
|
lib/nessus/plugins/oracle9i_mod_plsql_traversal.nasl
|
|
|
|
lib/nessus/plugins/oracle9i_modplsql_css.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/oracle_dos.nasl
|
|
|
|
lib/nessus/plugins/oracle_one_hour_install.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/oracle_tnslsnr_security.nasl
|
|
|
|
lib/nessus/plugins/oracle_tnslsnr_version.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/oracle_web_admin_server.nasl
|
2001-03-10 19:53:39 +01:00
|
|
|
lib/nessus/plugins/oracle_xsql.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/oracle_xsql_query.nasl
|
|
|
|
lib/nessus/plugins/orange_dos.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/osX_apache_finder.nasl
|
|
|
|
lib/nessus/plugins/osX_apache_finder_content.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/oshare.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/owa-anonymous.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ows_bin_cgi.nasl
|
|
|
|
lib/nessus/plugins/ows_overflow.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/pagelog_cgi.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/pals_cgi.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/pam_smb.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/passwordless_cayman_router.nasl
|
|
|
|
lib/nessus/plugins/passwordless_hp_printer.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/pccsmysqladm.nasl
|
|
|
|
lib/nessus/plugins/perlIS_dll_bufferoverflow.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/perl_browseable.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/perl_cal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/perl_cgi.nasl
|
|
|
|
lib/nessus/plugins/pfdipaly.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/pftp.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/pgpnet_detect.nasl
|
|
|
|
lib/nessus/plugins/phf.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/phonebook.nasl
|
|
|
|
lib/nessus/plugins/phorum.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/php.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/php3_path_disclosure.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/phpMyExplorer.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/php_apache_win32_default.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/php_file_upload.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/php_imap_overflow.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/php_log.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/php_nuke_admin_cp.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/php_nuke_bb_smilies_passwd.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/php_nuke_galleryaddon.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/php_nuke_opendir.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/php_nuke_sql_debug.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/php_overflow.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/php_safe_mode.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/php_split_mime.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/phpix.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/phprocketaddin_traversal.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/pi3web_isapi.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/pimp.nasl
|
|
|
|
lib/nessus/plugins/ping_host.nasl
|
|
|
|
lib/nessus/plugins/piranha.nasl
|
|
|
|
lib/nessus/plugins/plusmail.nasl
|
|
|
|
lib/nessus/plugins/pmcrash.nasl
|
|
|
|
lib/nessus/plugins/pnserver.nasl
|
|
|
|
lib/nessus/plugins/poc32.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/pollit.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/pop3_overflow.nasl
|
|
|
|
lib/nessus/plugins/popserver_detect.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/port_shell_execution.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/portal_of_doom.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/postgresql_unpassworded.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/powerplay.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/powerup_information_disclosure.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/pptp_detect.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/printenv.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/processit.nasl
|
|
|
|
lib/nessus/plugins/proftpd_exhaust.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/proftpd_mkdir_overflow.nasl
|
|
|
|
lib/nessus/plugins/proftpd_overflow.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/proftpd_pre10.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/proftpd_pre6_exploit.nasl
|
|
|
|
lib/nessus/plugins/proxy_connect.nasl
|
|
|
|
lib/nessus/plugins/proxy_port.nasl
|
|
|
|
lib/nessus/plugins/proxy_post.nasl
|
|
|
|
lib/nessus/plugins/proxy_use.nasl
|
|
|
|
lib/nessus/plugins/qpopper.nasl
|
|
|
|
lib/nessus/plugins/qpopper_euidl.nasl
|
|
|
|
lib/nessus/plugins/qpopper_list.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/quake3_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/queso.nes
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/quickstore.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/quote.nasl
|
|
|
|
lib/nessus/plugins/ramcrash.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/raptor_detect.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/rbs.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/realserver_disclosure.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/realserver_malformed_request_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/realserver_ussr_dos.nasl
|
|
|
|
lib/nessus/plugins/realserverg2.nasl
|
|
|
|
lib/nessus/plugins/relative_field_vulnerability.nasl
|
|
|
|
lib/nessus/plugins/remwatch.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/resin_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/rexecd.nasl
|
|
|
|
lib/nessus/plugins/rfparalyze.nasl
|
|
|
|
lib/nessus/plugins/rfpoison.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/rich_media_ecommerce_stores_sensitive_information_insecurely.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/rlogin.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/roads_cgi.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/rockliffe_mailsite_overflow.nasl
|
|
|
|
lib/nessus/plugins/rover_pop3_overflow.nasl
|
|
|
|
lib/nessus/plugins/roxen_counter.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/roxen_percent.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/rpc_3270.nasl
|
|
|
|
lib/nessus/plugins/rpc_X25.nasl
|
|
|
|
lib/nessus/plugins/rpc_alis.nasl
|
|
|
|
lib/nessus/plugins/rpc_amd.nasl
|
|
|
|
lib/nessus/plugins/rpc_automountd.nasl
|
|
|
|
lib/nessus/plugins/rpc_cmsd.nasl
|
|
|
|
lib/nessus/plugins/rpc_database.nasl
|
|
|
|
lib/nessus/plugins/rpc_etherstatd.nasl
|
|
|
|
lib/nessus/plugins/rpc_fam.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/rpc_kcms.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/rpc_keyserv.nasl
|
|
|
|
lib/nessus/plugins/rpc_llockmgr.nasl
|
|
|
|
lib/nessus/plugins/rpc_nfsd.nasl
|
|
|
|
lib/nessus/plugins/rpc_nlockmgr.nasl
|
|
|
|
lib/nessus/plugins/rpc_nsed.nasl
|
|
|
|
lib/nessus/plugins/rpc_nsemntd.nasl
|
|
|
|
lib/nessus/plugins/rpc_portmap.nasl
|
|
|
|
lib/nessus/plugins/rpc_rexd.nasl
|
|
|
|
lib/nessus/plugins/rpc_rje_mapper.nasl
|
|
|
|
lib/nessus/plugins/rpc_rquotad.nasl
|
|
|
|
lib/nessus/plugins/rpc_rstatd.nasl
|
|
|
|
lib/nessus/plugins/rpc_rusers.nasl
|
|
|
|
lib/nessus/plugins/rpc_sadmin.nasl
|
|
|
|
lib/nessus/plugins/rpc_sched.nasl
|
|
|
|
lib/nessus/plugins/rpc_selection.nasl
|
|
|
|
lib/nessus/plugins/rpc_showfhd.nasl
|
|
|
|
lib/nessus/plugins/rpc_snmp.nasl
|
|
|
|
lib/nessus/plugins/rpc_sprayd.nasl
|
|
|
|
lib/nessus/plugins/rpc_statd.nasl
|
|
|
|
lib/nessus/plugins/rpc_statmon.nasl
|
|
|
|
lib/nessus/plugins/rpc_sunlink_mapper.nasl
|
|
|
|
lib/nessus/plugins/rpc_tfsd.nasl
|
|
|
|
lib/nessus/plugins/rpc_tooltalk.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/rpc_tooltalk_format_string.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/rpc_walld.nasl
|
|
|
|
lib/nessus/plugins/rpc_ypbind.nasl
|
|
|
|
lib/nessus/plugins/rpc_yppasswd.nasl
|
|
|
|
lib/nessus/plugins/rpc_ypupated.nasl
|
|
|
|
lib/nessus/plugins/rpc_ypxfrd.nasl
|
|
|
|
lib/nessus/plugins/rpm_query.nasl
|
|
|
|
lib/nessus/plugins/rsh.nasl
|
|
|
|
lib/nessus/plugins/rsh_users.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/rtsp_detect.nasl
|
|
|
|
lib/nessus/plugins/rwhois_format_string.nasl
|
|
|
|
lib/nessus/plugins/rwhois_format_string2.nasl
|
|
|
|
lib/nessus/plugins/samba_arbitrary_file_creation.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/sambar_cgi.nasl
|
|
|
|
lib/nessus/plugins/sambar_mailit.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/sambar_pagecount.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/sambar_search_cgi.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/sambar_sendmail.nasl
|
|
|
|
lib/nessus/plugins/sambar_sysadmin.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/savant_cgi_download.nasl
|
|
|
|
lib/nessus/plugins/savant_percent_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/sawmill.nasl
|
|
|
|
lib/nessus/plugins/sawmill_password.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/sdbsearch.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/securemote.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/securemote_info_leak.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/sedum_dos.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/sendmail_bt_switch.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/sendmail_debug.nasl
|
|
|
|
lib/nessus/plugins/sendmail_decode.nasl
|
|
|
|
lib/nessus/plugins/sendmail_expn.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/sendmail_local_overflow.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/sendmail_mime_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/sendmail_redirection.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/sendtemp.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/sglmerchant_information_disclosure.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/shaft.nasl
|
|
|
|
lib/nessus/plugins/shells.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/shiva_default_pass.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/shopping_cart_information_disclosure.nasl
|
|
|
|
lib/nessus/plugins/shopplus_information_disclosure.nasl
|
|
|
|
lib/nessus/plugins/shoutcast_version.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/showmount.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/silverstream_database.nasl
|
|
|
|
lib/nessus/plugins/silverstream_dirlisting.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/simplewww.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/siteUserMod.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/sitescope_management_server.nasl
|
|
|
|
lib/nessus/plugins/sitescope_web_admin_server.nasl
|
|
|
|
lib/nessus/plugins/six_webboard.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/slmail.nasl
|
|
|
|
lib/nessus/plugins/slmail27.nasl
|
|
|
|
lib/nessus/plugins/slmail_helo.nasl
|
|
|
|
lib/nessus/plugins/smad.nes
|
|
|
|
lib/nessus/plugins/smartserver_pop_overflow.nasl
|
|
|
|
lib/nessus/plugins/smb_accessible_shares.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/smb_bruteforce_pass.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_crash_winlogon.nasl
|
|
|
|
lib/nessus/plugins/smb_dom2sid.nasl
|
|
|
|
lib/nessus/plugins/smb_enum_services.nasl
|
|
|
|
lib/nessus/plugins/smb_enum_shares.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/smb_group_account_op.nasl
|
|
|
|
lib/nessus/plugins/smb_group_admin.nasl
|
|
|
|
lib/nessus/plugins/smb_group_backup_op.nasl
|
|
|
|
lib/nessus/plugins/smb_group_domain_admin.nasl
|
|
|
|
lib/nessus/plugins/smb_group_print_op.nasl
|
|
|
|
lib/nessus/plugins/smb_group_replicator.nasl
|
|
|
|
lib/nessus/plugins/smb_group_system_op.nasl
|
|
|
|
lib/nessus/plugins/smb_groups_guest.nasl
|
|
|
|
lib/nessus/plugins/smb_host2sid.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_lanman_browse_list.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/smb_localusers_autodisabled.nasl
|
|
|
|
lib/nessus/plugins/smb_localusers_changepw.nasl
|
|
|
|
lib/nessus/plugins/smb_localusers_disabled.nasl
|
|
|
|
lib/nessus/plugins/smb_localusers_lastpwchange.nasl
|
|
|
|
lib/nessus/plugins/smb_localusers_neverloggedon.nasl
|
|
|
|
lib/nessus/plugins/smb_localusers_pwexpiry.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_login.nasl
|
|
|
|
lib/nessus/plugins/smb_login_as_users.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/smb_mssql7.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/smb_nativelanman.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/smb_netusergetaliases.nasl
|
|
|
|
lib/nessus/plugins/smb_netusergetgroups.nasl
|
|
|
|
lib/nessus/plugins/smb_netusergetinfo.nasl
|
|
|
|
lib/nessus/plugins/smb_netusergetinfo_local.nasl
|
|
|
|
lib/nessus/plugins/smb_nt.inc
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_nt_ms00-029.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms00-036.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/smb_nt_ms00-047.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/smb_nt_ms00-052.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms00-053.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms00-062.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms00-065.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms00-066.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/smb_nt_ms00-067.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms00-070.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/smb_nt_ms00-086.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/smb_nt_ms00-089.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms00-091.nasl
|
2001-03-10 19:53:39 +01:00
|
|
|
lib/nessus/plugins/smb_nt_ms01-003.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/smb_nt_ms01-008.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/smb_nt_ms01-009.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms01-011.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms01-025.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/smb_nt_ms01-046.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms01-048.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/smb_nt_ms02-005.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms02-006.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms02-008.nasl
|
|
|
|
lib/nessus/plugins/smb_nt_ms02-009.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_reg_autologon.nasl
|
|
|
|
lib/nessus/plugins/smb_reg_hklm.nasl
|
|
|
|
lib/nessus/plugins/smb_reg_missing_winreg.nasl
|
|
|
|
lib/nessus/plugins/smb_reg_pdc.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/smb_reg_ras_access.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_reg_run_permissions.nasl
|
|
|
|
lib/nessus/plugins/smb_reg_schedule.nasl
|
|
|
|
lib/nessus/plugins/smb_reg_service_pack.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/smb_reg_service_pack_W2K.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_reg_sfcdisable.nasl
|
|
|
|
lib/nessus/plugins/smb_reg_trojan_paths.nasl
|
|
|
|
lib/nessus/plugins/smb_reg_winlogon_permissions.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/smb_reg_winvnc_perms.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_registry_access.nasl
|
|
|
|
lib/nessus/plugins/smb_registry_full_access.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/smb_scope.nasl
|
|
|
|
lib/nessus/plugins/smb_sid2localuser.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smb_sid2user.nasl
|
|
|
|
lib/nessus/plugins/smb_svc_alerter.nasl
|
|
|
|
lib/nessus/plugins/smb_svc_messenger.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/smb_users_autodisabled.nasl
|
|
|
|
lib/nessus/plugins/smb_users_changepw.nasl
|
|
|
|
lib/nessus/plugins/smb_users_disabled.nasl
|
|
|
|
lib/nessus/plugins/smb_users_lastpwchange.nasl
|
|
|
|
lib/nessus/plugins/smb_users_neverloggedon.nasl
|
|
|
|
lib/nessus/plugins/smb_users_pwexpiry.nasl
|
|
|
|
lib/nessus/plugins/smb_xp_ms01-059.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smtp_bounce.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/smtp_bypass_cisco.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smtp_file.nasl
|
|
|
|
lib/nessus/plugins/smtp_helo.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/smtp_ms01-037.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/smtp_program.nasl
|
|
|
|
lib/nessus/plugins/smtp_relay.nasl
|
|
|
|
lib/nessus/plugins/smtpserver_detect.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/snmpXdmid.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/snmp_default_communities.nasl
|
|
|
|
lib/nessus/plugins/snmp_detect.nasl
|
|
|
|
lib/nessus/plugins/snmp_dos.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/snmp_ifaces.nasl
|
|
|
|
lib/nessus/plugins/snmp_lanman_services.nasl
|
|
|
|
lib/nessus/plugins/snmp_lanman_shares.nasl
|
|
|
|
lib/nessus/plugins/snmp_lanman_users.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/snmp_oversized_length_field_dos.nasl
|
|
|
|
lib/nessus/plugins/snmp_oversized_length_field_two.nasl
|
|
|
|
lib/nessus/plugins/snmp_portscan.nes
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/snmp_processes.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/snmp_sysDesc.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/snmp_vacm.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/sojourn.nasl
|
|
|
|
lib/nessus/plugins/spinclient.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/sqlqhit_information_disclosure.nasl
|
|
|
|
lib/nessus/plugins/squid_dos.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/squid_overflows.nasl
|
|
|
|
lib/nessus/plugins/ssh1_proto_enabled.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/ssh3_passwd.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/ssh_crc32.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ssh_detect.nasl
|
|
|
|
lib/nessus/plugins/ssh_insertion.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/ssh_kerberos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/ssh_overflow.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/ssh_proto_version.nasl
|
|
|
|
lib/nessus/plugins/ssl_ciphers.nes
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/stacheldraht.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/statd_format_string.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/store_cgi.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/story.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/stream.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/stronghold.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/subseven.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/sun_cobalt_adaptive_firewall_detect.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/sunkill.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/suse_cgi_bin_sdb.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/suse_identd.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/swat_detect.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/swat_guessable_usernames.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/swc_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/sygate_remote_control.nasl
|
|
|
|
lib/nessus/plugins/systat.nasl
|
|
|
|
lib/nessus/plugins/tcp_chorusing.nasl
|
|
|
|
lib/nessus/plugins/teardrop.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/technote.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/telnet.nasl
|
|
|
|
lib/nessus/plugins/telnetserver_detect_type_nd_version.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/teso_telnet.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/test-cgi.nasl
|
|
|
|
lib/nessus/plugins/tfn.nasl
|
|
|
|
lib/nessus/plugins/tfs_smtp_overflow.nasl
|
|
|
|
lib/nessus/plugins/tftp_grab_file.nes
|
|
|
|
lib/nessus/plugins/thttpd_buffer_overflow.nasl
|
|
|
|
lib/nessus/plugins/thttpd_bug.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/thttpd_ssi.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/tiny_proxy_heap_overflow.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/tomcat_admin.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/tomcat_path_disclosure.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/tomcat_snoop.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/torturecgis.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/traceroute.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/translate_f.nasl
|
|
|
|
lib/nessus/plugins/trinity.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/trinoo.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/tripwire_webpage.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/ttawebtop.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/ultraseek_detect.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/ultraseek_dos.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/unicast_dos.nasl
|
|
|
|
lib/nessus/plugins/upload_cgi.nasl
|
|
|
|
lib/nessus/plugins/uploader_exe.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/upnp_xp.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/ustorekeeper.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/uw_imap_overflow.nasl
|
|
|
|
lib/nessus/plugins/uw_imap_overflow_two.nasl
|
|
|
|
lib/nessus/plugins/vftpd_overflow.nasl
|
|
|
|
lib/nessus/plugins/view_source_cgi.nasl
|
|
|
|
lib/nessus/plugins/visadmin.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/visualroute_server_detect.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/vnc.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/vnc_http.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/vpop_input_validation.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/vqServer_admin_detect.nasl
|
|
|
|
lib/nessus/plugins/vqServer_web_traversal.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/vw_bof.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/w3msql_overflow.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/wayboard.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/web_traversal.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/webactive_log.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/webalizer.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/webcart.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/webdav.nasl
|
2000-11-12 05:32:02 +01:00
|
|
|
lib/nessus/plugins/webdav_iis.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/webdist.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/webdriver.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/webfind.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/webgais.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/weblogic_dotdotdos.nasl
|
|
|
|
lib/nessus/plugins/weblogic_percent.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/webmin.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/webmirror.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/webplus.nasl
|
|
|
|
lib/nessus/plugins/webplus_version.nasl
|
|
|
|
lib/nessus/plugins/websendmail.nasl
|
|
|
|
lib/nessus/plugins/webserver_robot.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/webshield.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/website_pro.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/websitepro_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/webspeed.nasl
|
2001-06-17 15:25:54 +02:00
|
|
|
lib/nessus/plugins/webspirs_cgi.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/wftp.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/wftp_241_dos.nasl
|
2000-08-04 01:09:21 +02:00
|
|
|
lib/nessus/plugins/wftp_dos.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/whisker_wrapper.nes
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/whois_raw.nasl
|
|
|
|
lib/nessus/plugins/win_trinoo.nasl
|
|
|
|
lib/nessus/plugins/windmail.nasl
|
|
|
|
lib/nessus/plugins/wingate.nasl
|
|
|
|
lib/nessus/plugins/wingate_denial.nasl
|
|
|
|
lib/nessus/plugins/wingate_user.nasl
|
|
|
|
lib/nessus/plugins/winnt_dns_flood.nasl
|
|
|
|
lib/nessus/plugins/winnt_pptp_dos.nasl
|
|
|
|
lib/nessus/plugins/winnuke.nasl
|
|
|
|
lib/nessus/plugins/wins_udp_flood.nasl
|
|
|
|
lib/nessus/plugins/winsatan.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/worldclient_server_detection.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/wrap.nasl
|
|
|
|
lib/nessus/plugins/wu_ftpd_overflow.nasl
|
|
|
|
lib/nessus/plugins/wu_ftpd_site_exec.nasl
|
|
|
|
lib/nessus/plugins/wu_ftpd_site_newer.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/www_too_long_auth.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/www_too_long_post.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/www_too_long_url.nasl
|
|
|
|
lib/nessus/plugins/wwwboardpwd.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/wwwwais.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/xdmcp.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/xitami_overflow.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/xmail_overflow.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/xtramail_control.nasl
|
|
|
|
lib/nessus/plugins/xtramail_helo.nasl
|
|
|
|
lib/nessus/plugins/xtramail_pop_overflow.nasl
|
2000-10-15 19:19:49 +02:00
|
|
|
lib/nessus/plugins/yabb.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/yahoo_dos.nasl
|
2001-08-16 19:27:53 +02:00
|
|
|
lib/nessus/plugins/yppasswdd.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/zeus.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins/zml_cgi_traversal.nasl
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins/zope.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/zope_dos.nasl
|
2001-01-28 19:52:32 +01:00
|
|
|
lib/nessus/plugins/zope_img_updating.nasl
|
2001-12-30 19:38:53 +01:00
|
|
|
lib/nessus/plugins/zope_zclass.nasl
|
|
|
|
lib/nessus/plugins/zyxel_pwd.nasl
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
lib/nessus/plugins_factory
|
2000-07-30 13:16:15 +02:00
|
|
|
lib/nessus/plugins_factory/Makefile
|
|
|
|
lib/nessus/plugins_factory/libtool
|
|
|
|
lib/nessus/plugins_factory/nessus.tmpl
|
|
|
|
man/man1/nessus-build.1
|
Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
2002-05-10 15:18:44 +02:00
|
|
|
man/man8/nessus-update-plugins.8
|
|
|
|
sbin/nessus-update-plugins
|
2000-07-30 13:16:15 +02:00
|
|
|
@dirrm lib/nessus/plugins_factory
|
|
|
|
@dirrm lib/nessus/plugins
|