* Fixed MacOS X portability issues
* Non-intrusive OS-fingerprinting (based on xprobe's techniques)
* DNS fingerprinting
* killall -1 nessusd does not restart the bpf server on BSD systems
* longer connect() timeout for TCP sockets
* Fixed hydra.nes
* WWW fingerprinting
* IP addresses are now sorted in EVERY reports
* Automagically rewrite banners to handle distributions which do
backporting of security fixes (ie: Debian)
This closes PR pkg/23159 by Adrian Portelli.
Changes since 2.0.7:
o The bpf sharing system now works fine on BSD systems, so Nessus
now only requires one /dev/bpf to work correctly, no matter how
many hosts are being tested
o A bug in tcp_ping() would make some probes have a source port set
to 0
o Minor bug fixes
o Added functions in libnasl (join_multicast_group(), unixtime(),
and more...)
o All SSL operations now use non-blocking sockets instead of the
alarm() trick to handle timeouts
o Minimize the number of pixmaps that need to be created in the
Nessus client by re-using them
Review the Changelog file to see a complete list of changes.
Based on pr pkg/22356 by Adrian Portelli.
Changes since 2.0.6a:
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed bad performances issues when pinging dead hosts
- Fixed a bug which would prevent to store items larger than 2kb in the KB
- NFS and SMB file-related functions completed (open, read and cwd are
implemented)
- Plugins support for Windows 2003
- Network IPs can now be evenly sliced instead of being scanned
sequentially
- User-definable source-IP(s) for the checks (nessusd -S)
- Fixed a possible message corruption problem if a plugin was to send a too
long message back to nessusd
- Fixed a possible plugin corruption problem when the client overwrites
existing plugins
- Fixed various false positives and wording issues in several plugins
This also includes changes offered in pr pkg/18734 and pr pkg/20796
submitted by Adrian Portelli. Thanks & Sorry that it took that long to
pick them up.
2.0.6 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Support for the keyword 'default' as a port range in nmap_wrapper.nes
- Fixed a zombie issue in nmap_wrapper.nes
- Fixed various issues which could allow a NASL script to crash the
NASL interpretor
- Improved the process management in find_services.nes
2.0.5 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a rare race condition which may make the scan hang
- Fixed SMB related issues
- Entering "default" as the port range will make nessusd scan the ports
listed in the Nessus services file.
- Even more sigs in find_services.nes
. changes by Julien Bordet (zejames@greyhats.org)
- Added over 3,000 signatures to smtpscan.nasl (thanks to the data
provided by the Nessus team)
2.0.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- fixed the SIGCHLD handler which would not work properly and leave zombies
on the system
- fixed a race condition when testing a great number of hosts which would
cause a testing process to slow down a whole audit or even hang it
totally
- When a great number of host names is passed to nessusd as a target, they
are resolved by chunks of 64 instead of trying to resolve everything then
starting the test
- RedHat 9 support (in spite of their attempt to make their distro incompatible
with everyone else)
. changes by Gabriel L. Somlo <somlo@acns.colostate.edu>
- The nessus can save the reports to stdout and read them from stdin
2.0.3 :
- fixed a compilation error which would prevent find_services from working
properly
2.0.2 :
. changes by Michel Arboi (arboi@alussinan.org)
- NASL port of smtpscan (original Perl program by Julien Bordet)
- Nasty bug made loop stop prematurely on rare cases
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Re-wrote webmirror.nasl from scratch. The new version has a real parser
built-in and is much faster
- Added checks for older Microsoft Advisories
- SMB plugins now use NTMLv1 authentication, ie: they don't send passwords
in clear text over the network any more
- Added new crypto functions, taken from samba, in libnasl/
- Repaired detached scans
- Fixed IP ranges notation (10.1.1-9.1-254 did not work any more)
- Minor bug fixes and enhancements : #234, #233, #230, #229, #228, #225, #222,
#220, #218, #217, #216, #215, #213, #212, #211, #207, #206, #205
- nessus-update-plugins properly calls chown under FreeBSD, no matter how
many plugins there are
- find_services.nes recognizes even more protocols
. changes by Xueyong Zhi <zhi@mail.eecis.udel.edu>
- Added NTLMv2 authentication
. changes by Frank Migge (frank.migge@oracle.com)
- nessus-mkcert-client creates the auth/rules file properly
2.0.1 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Minor bugfixes (bugs #180, #183, #185, #188, #189, #195, #197, #202, #203, #204)
- Fixed the "pink" graphical report issue
- Added http keep-alive support in the CGI related plugins
- Fixed a bug in the function get_kb_list() which would not always work
properly
- Fixed an issue where in some situations, some HTTP services would not
be tested for flaws if they have not been port-scanned first
- Added new signatures in find_services.nes
. changes by Stephen Friedl (steve@unixwiz.net)
- Fixed bugs and warnings in nessus-libraries
2.0.0 :
. changes by Michel Arboi (arboi@alussinan.org)
- NASL2 : Implement >!< "strings don't match" operator
- NASL2 : fixed a vicious case of freed memory copy.
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a small bug in the plugin scheduler
- Ported to IRIX
- Several small bugfixes
. changes by Xueyong Zhi <zhi@mail.eecis.udel.edu>
- Added nmap_osfingerprint
1.3.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Re-written the process manager for the hosts
- Lots of bugfixes in the plugins text store manager
- New port scanner "synscan" which uses the RTT of the packets to do
its job.
- Fixed several small issues in nasl and nessusd (bug fixes, code cleanup)
- Added cryptographic hashing functions in NASL
- Added the function get_kb_list() which returns the content of a KB
without forking the plugin
- Updated the manpages of nessusd and nasl
. changes by Michel Arboi (arboi@alussinan.org)
- Fixed scanner_get_port() when running in standalone mode
- Fixed possible uninitiliazed memory issues in libnasl
- Started to write the NASL2 reference guide (to be found in libnasl/doc/)
1.3.3 :
. changes by Michel Arboi (arboi@alussinan.org)
- Implement bit xor, logical & aithmetic right shift, power
- Fix operator precedence
- Added new NASL functions
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The plugin texts are not loaded in memory any more, thus reducing
the consumption of the nessus daemon of two megs. This also speeds up
the loading of nessusd.
- Fixed a bug in the plugins scheduler (if optimizations were enabled,
the scan would sometime hang)
- Added a new NASL function (int())
- Fixed strings substraction to handle null values properly
- find_services.nes runs in parallel mode, for improved speed
- new plugin (synscan) which should perform well against firewalled
hosts (computes the RTT before the scan)
1.3.2 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Added fixes so that nessus-core/nessusd/pluginscheduler.c compiles with
the latest version of GCC
- Fixed a bug in nessus-libraries/libnessus/bpf_share.c : a timer would not
be reset, causing plugins which call bpf_next() to sometimes crash
- Set the timer of bpf_share.c to a much lower value, thus making it work
much better
- Improved tcp_ping()
- Fixed two bugs in the plugins scheduler :
- If the option "enable dependencies at runtime" is set,
it would enable ALL the plugins which are depended on, instead
of only those we use ;
- In some cases, it may terminate too early, thus preventing a scan
from being complete
- DESTDIR support
1.3.1 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Rewrote the plugins scheduler (which determines the order in which
the plugins are to be launched). The new one is much more efficient
but as a result, it is not possible to accurately determine the
order in which the plugins will be ran, so the 'plugin name' in
the client is now totally bogus
- Fixed various issues with NASL scripts so that they work better
with NASL2
- Fixed bugs relative to the creation of icmp and udp packets in nasl
- Fixed some fatal bugs in the bpf sharer
- NASL scripts do not read /dev/urandom any more, and use time() as a
random seed instead. As a result, the loading and execution of nasl
scripts if faster on systems where /dev/urandom can be blocking
- Fixed the tcp NIDS evasion techniques on BSD systems
- Full support for Bugtraq IDs
- The HTML reports add links for URLs, and show the ID number of
the plugin that issues the report.
- Speed up the calls to arg_get_value() by using a hash of the name
being searched for.
- Changed the licence of NASL2 to the GPLv2 (with the consent of Michel Arboi)
. changes by Michel Arboi (arboi@alussinan.org)
- Better handling of the arrays in NASL2
. changes by Erik Anderson (eanders@carmichaelsecurity.com)
- CVE and bugtraq cross references
. changes by Jay (jay@kinetic.org)
- Fixed multiple typos in the plugins
. changes by Javier Fernandez-Sanguino (jfernandez@germinus.com)
- Nessus now ships Hydra 2.2
- Fixed various compilation scritps (see bug#63)
1.3.0 :
. changes by Michel Arboi (arboi@alussinan.org)
- Use our own nessus-services file (re-generated at first start to include
/etc/services and nmap-services)
- Added new families of plugins (ACT_KILL_HOST and ACT_END)
- Rewrote libnasl
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The 'cancel' button of several file selection dialogs is now working
- Optimized several plugins :
- Web-related checks now use http_recv() instead of recv()
- open_priv_sock_tcp() has a lower timeout
- RPC related checks now use get_rpc_port(), a function equivalent
to libc's getrpcport() but with a much smaller timeout
- Decreased the default value of checks_read_timeout from 15 to 5
- Fixed a bug in the plugin selection GUI which would not refresh
the list of plugins of a given family properly (bug#3)
- Fixed memory leaks in NASL
- Fixed a bug in nessusd which would make it leak memory when receiving a SIGHUP
(bug#10)
- Fixed a compatibility problem with Nmap 3.10ALPHA (bug#11)
- Nessus now accepts nmap's U: and T: notation for the port range (bug#5)
- Helped Michel Arboi to give the last touches to the new libnasl
. changes by Erik Anderson (eanders@pobox.com)
- Added CVE and BID links, added urls and removed dead links from the plugins
. changes by Michel Scheidell (scheidell@secnap.net)
- Improved several SMB-related checks
. changes by Rodolfo Baader (rbaader@activesec.biz)
- Quotes and apostrophes are properly escaped in the XML output report
Based on pr pkg/19438 by Adrian Portelli.
Changes since 1.2.6:
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The 'cancel' button of several file selection dialogs is now working
- Optimized several plugins :
- Web-related checks now use http_recv() instead of recv()
- open_priv_sock_tcp() has a lower timeout
- RPC related checks now use get_rpc_port(), a function equivalent
to libc's getrpcport() but with a much smaller timeout
- Decreased the default value of checks_read_timeout from 15 to 5
- Fixed a bug in the plugin selection GUI which would not refresh
the list of plugins of a given family properly (bug#3)
- Fixed memory leaks in NASL
- Fixed a bug in nessusd which would make it leak memory when receiving a SIGHUP
(bug#10)
- Fixed a compatibility problem with Nmap 3.10ALPHA (bug#11)
- Nessus now accepts nmap's U: and T: notation for the port range (bug#5)
. changes by Erik Anderson (eanders@pobox.com)
- Added CVE and BID links, added urls and removed dead links from the plugins
. changes by Michel Scheidell (scheidell@secnap.net)
- Improved several SMB-related checks
. changes by Rodolfo Baader (rbaader@activesec.biz)
- Quotes and apostrophes are properly escaped in the XML output report
Changes since 1.2.0:
1.2.6 :
. changes by Michael Slifcak (Michael.Slifcak@guardent.com)
- Added Bugtraq cross reference in the plugins
- Added support for BID in nessusd (this has yet to be done on the
client side)
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- fixed the xml and html outputs
- fixed array issues in a couple of plugins
. changes by Michel Arboi (arboi@bigfoot.com)
- find_service now detects services protected by TCP wrappers or ACL
- find_service detects gnuserv
- ptyexecvp() replaced by nessus_popen() (*)
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a bug which may make nasl interpret backquoted strings
(\n and \r) received from the network (problem noted by Pavel Kankovsky)
- nmap_wrapper.nes calls _exit() instead of exit() (*)
- Solved the lack of bpf's on Free/Open/NetBSD and MacOSX by
sharing _one_ among all the Nessus processes. As a result, Nessus's
ping is much more effective on these platforms
- bugfix in plug_set_key() which would eventually make some scripts
take too long when writing in the KB
- Plugins of family ACT_SETTINGS are run *after* plugins of family
ACT_SCANNERS
- replaced the implementation of md5 which was used when OpenSSL is disabled
by the one from RSA (the old one would not work on a big-endian host)
- Fixed plugins build issues on MacOS X
- The nessus client compiles and links against GTK+-2.0. Of course, it will
be horrible and instable, as the GTK team does not care about backward
compatibility
(*) These two modifications solve the problems of nmap hanging under FreeBSD
1.2.5 :
. changes by Michel Arboi (arboi@bigfoot.com)
- find_service now displays unknown services that run on assigned ports
- read_stream_connection smarter (smaller timeout)
- find_service sometimes declared IDENT as "unknown"
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a deadlock that would prevent some plugins from completing
- Fixed a possible (although rare) corruption issue in the reports
(the script IDs could under some circumstances be random)
- Fixed a potential segfault in the execution of nasl scripts
1.2.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Reverted back to autoconf 2.13.
- Bug fix in nessus-core/nessusd/pluginlaunch.c - under some circumstances,
data might have be lost in the reports
- Fixed a bug in several plugins for web checks (under some circumstances,
a plugin would do N x N checks against the remote web servers (where
N equals to the number of web servers running on the remote host)
1.2.3 :
. changes by Isaac Dawson (idawson@securitymanagementpartners.com)
- New html output layout.
. changes by Pasi Eronen (pasi.eronen@nixu.com)
- fix in nmap_wrapper
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a bug which could make, under some circumstances, make nessusd
crash the host it is running on.
- If the option log_whole_attack is set to "no", then only the begining
and the end of the attack is logged (and not the time each plugin takes)
- Improved no404.nasl to further reduce false positives
- Bug fix in nessusd - under some rare circumstances, report data could
be lost (if many many plugins were enabled at the same time and were
sending data at the same time).
- UDP packets are resent while we wait for a reply (avoids to loose packets
en route)
- Fixed the option "auto_enable_dependencies" which would not always work
- Sending a SIGTERM to the nessus client during a command line scan
forces it to save its result to the current test file
- Non-printables characters are not shown in the report any more
1.2.2 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- In the GUI, while running a scan, plugins names are only updated once
in a while (saves CPU)
- Bugfix in the client : some host names would make the client crash
- Repaired the '-P' switch in the client
1.2.1 :
. changes by Simon Law (sfllaw@engmail.uwaterloo.ca)
- Made a manpage for nessus-mkcert-client(1) and have it installed by
the Makefile
- Revised most other manpages for missing information and to increase
clarity
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
1.0.10 :
Changes by Michael Scheidell <scheidell@fdma.com> :
- Backported Nessus 1.1.x plugins changes in nessus-plugins
Changes by Renaud Deraison <deraison@nessus.org> :
- Minor fixes
- increased login timeout
- fixed a possible deadlock in libpeks
- fixed a bug which would cause the client to crash when sending a too
long plugin list
- fixed the 'too many plugins selected' bug that would make the
client crash
- workaround for a Linux bug^H^H^Hfeature that makes recv()
behave completely differently than the rest of the world
(thanks to Andreas Steinmetz)
- fixed http://install.nessus.org to better work on Solaris
- various minor issues
- several new plugins
- various bugfixes
- fixed fd leak in KB and session saving
- possibly fixed connections problems between the client and
the server
- updated config.guess and config.sub
- many new plugins
Besides several new plugins, the following changed since 1.0.6:
. changes by Jordan Hrycaj (jordan at nessus.org) :
- added support for iana port 1241 while 3001 open at the
same time, nin-compat mode (disabling 3001) as sn experimantal
configure option
- nessus-adduser allows to create local users with immediate
key exchange (no passphrase procedure needed)
- nessusd allows to speciphy user logins with netmasks (as with
the public key tags and passwords) in the nessusd.users file
- some options added to nessus, and nessusd
- you can force the compilation/installation of the getopt_long()
function(s) by a configure option
. changes by Renaud Deraison (deraison at nessus.org) :
- http virtual hosts can now be tested
- user-modifiable per-plugin timeout
- detached scans can now be stopped from the client
- fixed issues in detached scan
- implemented plugins_reload() which loads new plugins in memory
- get_host_name() returns the name of host, as entered by the user
(and not a resolve(ip(name_of_host)))
- added the function cgibin() in NASL, which returns the paths
to use to get to the CGIs (default : /cgi-bin)
. changes by Loren Bandiera (lorenb at shelluser.net) :
- XML output improved
out of date - it was based on a.out OBJECT_FMT, and added entries in the
generated PLISTs to reflect the symlinks that ELF packages uses. It also
tried to be clever, and removed and recreated any symbolic links that were
created, which has resulted in some fun, especially with packages which
use dlopen(3) to load modules. Some recent changes to our ld.so to bring
it more into line with other Operating Systems also exposed some cracks.
+ Modify bsd.pkg.mk and its shared object handling, so that PLISTs now contain
the ELF symlinks.
+ Don't mess about with file system entries when handling shared objects in
bsd.pkg.mk, since it's likely that libtool and the BSD *.mk processing will
have got it right, and have a much better idea than we do.
+ Modify PLISTs to contain "ELF symlinks"
+ On a.out platforms, delete any "ELF symlinks" from the generated PLISTs
+ On ELF platforms, no extra processing needs to be done in bsd.pkg.mk
+ Modify print-PLIST target in bsd.pkg.mk to add dummy symlink entries on
a.out platforms
+ Update the documentation in Packages.txt
With many thanks to Thomas Klausner for keeping me honest with this.
. changes by Renaud Deraison (deraison at nessus.org) :
- detached scans can send their result to a given email address (experimental,
see http://www.nessus.org/doc/detached_scan.html)
- diff scan (experimental - see http://www.nessus.org/doc/diff_scan.html)
- probably fixed a bug which would prevent, under rare circumstances, a
scan to finish
- NASL plugins can have no timeout
- minor change in the LaTeX report
- Support for Sun Workshop 5 compiler
- IRIX 6.2 support
- HP/UX 10.20 support
- Fixed a problem in report saving (saving as HTML would produce an XML
file) - thanks to Scott Nichols (Scott.Nichols at globalintegrity.com)
. changes by Jordan Hrycaj (jordan@mjh.teddy-net.com)
- Fixed a problem in the random number generator
. changes by Renaud Deraison (deraison at nessus.org) :
- added experimental KB saving, to prevent the audit to restart
from scratch between two tests. See http://www.nessus.org/doc/kb_saving.html
for details
- added experimental detached scans.
See http://www.nessus.org/doc/detached_scan.html for details
- bug in the test of DoS attacks fixed (thanks to Christophe Grenier,
Christophe.Grenier@esiea.fr)
- minor changes in nessus-adduser
- scripts that open a UDP socket read the result of a UDP scan first
- when it receives a SIGHUP, nessusd first frees memory. It also closes
and re-opens the nessusd.messages file
- the plugin timeout is now user definable, in nessusd.conf
- 64 bit compatible (nessusd would produce warnings when running
on some 64 bit architectures). Thanks to the SuSE (http://www.suse.de) team
for having given me access to an IA-64 to compile and try Nessus.
. Changes by Jordan Hrycaj <jordan@mjh.teddy-net.com>
- faster cipher layer
. Other changes :
- a GTK error would sometime be produced when the client is run in
batch mode (Cyril Leclerc <cleclerc at boreal-com.fr>)
What is new in Nessus 1.0.4 :
changes by Christoph Puppe (pluto at defcom-sec.com) :
added "Sort by Port" to the report window.
Reports are sorted first by holes, then by warnings, then by notes.
Previous version only sorted by holes.
changes by Renaud Deraison (renaud at nessus.org) :
ftp related checks : the user can now supply a login/password for the ftp
checks, and relies on the ftp banner if nessusd can't log into
the ftp server (requested by Jens.Oeser at connector.de).
libnessus : ftp_log_in() would sometime fail against some ftp servers
better handling of large reports on the client side
tests are saved on the server side and can be restored. Note that this is
experimental and disabled by default. Do
./configure --enable-save-sessions
to enable this feature, and read doc/session_saving.txt for details.
better handling of targets with multiple web servers running
continue to launch the DoS if the state of the remote host can not be
determined
fixed a bug in smb_login_as_users.nasl, and improved
smb_accessible_shares.nasl
added checks for unpassworded MySQLs and PostgreSQL databases
nessusd uses less memory
changes by Pavel Kankovsky (peak at argo.troja.mff.cuni.cz) :
fixed a possible deadlock in the nessusd internal communication
fixed a problem in the client that would make it crash if it received
a malformed message from the server
the client would not detect the death of the server when run in batch
mode
possible header confusion (with regex.h) fixed
possible signal deadlock when exiting fixed
Other changes :
fixed a problem in the function is_cgi_installed() that may sometime
not work against odd clients (Thomas Reinke (reinke at
e-softinc.com))
fixed a bug in snmp_default_communities.nasl (Lionel Cons
(lionel.cons at cern.ch))
fixed showmount.nasl (Paul Ewing Jr. (ewing at ima.umn.edu))
typo in showmount.nasl would prevent it to work over udp (ctor at
krixor.xy.org)