This closes PR pkg/23159 by Adrian Portelli.
Changes since 2.0.7:
o The bpf sharing system now works fine on BSD systems, so Nessus
now only requires one /dev/bpf to work correctly, no matter how
many hosts are being tested
o A bug in tcp_ping() would make some probes have a source port set
to 0
o Minor bug fixes
o Added functions in libnasl (join_multicast_group(), unixtime(),
and more...)
o All SSL operations now use non-blocking sockets instead of the
alarm() trick to handle timeouts
o Minimize the number of pixmaps that need to be created in the
Nessus client by re-using them
Review the Changelog file to see a complete list of changes.
Based on pr pkg/22356 by Adrian Portelli.
Changes since 2.0.6a:
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed bad performances issues when pinging dead hosts
- Fixed a bug which would prevent to store items larger than 2kb in the KB
- NFS and SMB file-related functions completed (open, read and cwd are
implemented)
- Plugins support for Windows 2003
- Network IPs can now be evenly sliced instead of being scanned
sequentially
- User-definable source-IP(s) for the checks (nessusd -S)
- Fixed a possible message corruption problem if a plugin was to send a too
long message back to nessusd
- Fixed a possible plugin corruption problem when the client overwrites
existing plugins
- Fixed various false positives and wording issues in several plugins
This also includes changes offered in pr pkg/18734 and pr pkg/20796
submitted by Adrian Portelli. Thanks & Sorry that it took that long to
pick them up.
2.0.6 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Support for the keyword 'default' as a port range in nmap_wrapper.nes
- Fixed a zombie issue in nmap_wrapper.nes
- Fixed various issues which could allow a NASL script to crash the
NASL interpretor
- Improved the process management in find_services.nes
2.0.5 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a rare race condition which may make the scan hang
- Fixed SMB related issues
- Entering "default" as the port range will make nessusd scan the ports
listed in the Nessus services file.
- Even more sigs in find_services.nes
. changes by Julien Bordet (zejames@greyhats.org)
- Added over 3,000 signatures to smtpscan.nasl (thanks to the data
provided by the Nessus team)
2.0.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- fixed the SIGCHLD handler which would not work properly and leave zombies
on the system
- fixed a race condition when testing a great number of hosts which would
cause a testing process to slow down a whole audit or even hang it
totally
- When a great number of host names is passed to nessusd as a target, they
are resolved by chunks of 64 instead of trying to resolve everything then
starting the test
- RedHat 9 support (in spite of their attempt to make their distro incompatible
with everyone else)
. changes by Gabriel L. Somlo <somlo@acns.colostate.edu>
- The nessus can save the reports to stdout and read them from stdin
2.0.3 :
- fixed a compilation error which would prevent find_services from working
properly
2.0.2 :
. changes by Michel Arboi (arboi@alussinan.org)
- NASL port of smtpscan (original Perl program by Julien Bordet)
- Nasty bug made loop stop prematurely on rare cases
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Re-wrote webmirror.nasl from scratch. The new version has a real parser
built-in and is much faster
- Added checks for older Microsoft Advisories
- SMB plugins now use NTMLv1 authentication, ie: they don't send passwords
in clear text over the network any more
- Added new crypto functions, taken from samba, in libnasl/
- Repaired detached scans
- Fixed IP ranges notation (10.1.1-9.1-254 did not work any more)
- Minor bug fixes and enhancements : #234, #233, #230, #229, #228, #225, #222,
#220, #218, #217, #216, #215, #213, #212, #211, #207, #206, #205
- nessus-update-plugins properly calls chown under FreeBSD, no matter how
many plugins there are
- find_services.nes recognizes even more protocols
. changes by Xueyong Zhi <zhi@mail.eecis.udel.edu>
- Added NTLMv2 authentication
. changes by Frank Migge (frank.migge@oracle.com)
- nessus-mkcert-client creates the auth/rules file properly
2.0.1 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Minor bugfixes (bugs #180, #183, #185, #188, #189, #195, #197, #202, #203, #204)
- Fixed the "pink" graphical report issue
- Added http keep-alive support in the CGI related plugins
- Fixed a bug in the function get_kb_list() which would not always work
properly
- Fixed an issue where in some situations, some HTTP services would not
be tested for flaws if they have not been port-scanned first
- Added new signatures in find_services.nes
. changes by Stephen Friedl (steve@unixwiz.net)
- Fixed bugs and warnings in nessus-libraries
2.0.0 :
. changes by Michel Arboi (arboi@alussinan.org)
- NASL2 : Implement >!< "strings don't match" operator
- NASL2 : fixed a vicious case of freed memory copy.
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a small bug in the plugin scheduler
- Ported to IRIX
- Several small bugfixes
. changes by Xueyong Zhi <zhi@mail.eecis.udel.edu>
- Added nmap_osfingerprint
1.3.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Re-written the process manager for the hosts
- Lots of bugfixes in the plugins text store manager
- New port scanner "synscan" which uses the RTT of the packets to do
its job.
- Fixed several small issues in nasl and nessusd (bug fixes, code cleanup)
- Added cryptographic hashing functions in NASL
- Added the function get_kb_list() which returns the content of a KB
without forking the plugin
- Updated the manpages of nessusd and nasl
. changes by Michel Arboi (arboi@alussinan.org)
- Fixed scanner_get_port() when running in standalone mode
- Fixed possible uninitiliazed memory issues in libnasl
- Started to write the NASL2 reference guide (to be found in libnasl/doc/)
1.3.3 :
. changes by Michel Arboi (arboi@alussinan.org)
- Implement bit xor, logical & aithmetic right shift, power
- Fix operator precedence
- Added new NASL functions
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The plugin texts are not loaded in memory any more, thus reducing
the consumption of the nessus daemon of two megs. This also speeds up
the loading of nessusd.
- Fixed a bug in the plugins scheduler (if optimizations were enabled,
the scan would sometime hang)
- Added a new NASL function (int())
- Fixed strings substraction to handle null values properly
- find_services.nes runs in parallel mode, for improved speed
- new plugin (synscan) which should perform well against firewalled
hosts (computes the RTT before the scan)
1.3.2 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Added fixes so that nessus-core/nessusd/pluginscheduler.c compiles with
the latest version of GCC
- Fixed a bug in nessus-libraries/libnessus/bpf_share.c : a timer would not
be reset, causing plugins which call bpf_next() to sometimes crash
- Set the timer of bpf_share.c to a much lower value, thus making it work
much better
- Improved tcp_ping()
- Fixed two bugs in the plugins scheduler :
- If the option "enable dependencies at runtime" is set,
it would enable ALL the plugins which are depended on, instead
of only those we use ;
- In some cases, it may terminate too early, thus preventing a scan
from being complete
- DESTDIR support
1.3.1 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Rewrote the plugins scheduler (which determines the order in which
the plugins are to be launched). The new one is much more efficient
but as a result, it is not possible to accurately determine the
order in which the plugins will be ran, so the 'plugin name' in
the client is now totally bogus
- Fixed various issues with NASL scripts so that they work better
with NASL2
- Fixed bugs relative to the creation of icmp and udp packets in nasl
- Fixed some fatal bugs in the bpf sharer
- NASL scripts do not read /dev/urandom any more, and use time() as a
random seed instead. As a result, the loading and execution of nasl
scripts if faster on systems where /dev/urandom can be blocking
- Fixed the tcp NIDS evasion techniques on BSD systems
- Full support for Bugtraq IDs
- The HTML reports add links for URLs, and show the ID number of
the plugin that issues the report.
- Speed up the calls to arg_get_value() by using a hash of the name
being searched for.
- Changed the licence of NASL2 to the GPLv2 (with the consent of Michel Arboi)
. changes by Michel Arboi (arboi@alussinan.org)
- Better handling of the arrays in NASL2
. changes by Erik Anderson (eanders@carmichaelsecurity.com)
- CVE and bugtraq cross references
. changes by Jay (jay@kinetic.org)
- Fixed multiple typos in the plugins
. changes by Javier Fernandez-Sanguino (jfernandez@germinus.com)
- Nessus now ships Hydra 2.2
- Fixed various compilation scritps (see bug#63)
1.3.0 :
. changes by Michel Arboi (arboi@alussinan.org)
- Use our own nessus-services file (re-generated at first start to include
/etc/services and nmap-services)
- Added new families of plugins (ACT_KILL_HOST and ACT_END)
- Rewrote libnasl
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The 'cancel' button of several file selection dialogs is now working
- Optimized several plugins :
- Web-related checks now use http_recv() instead of recv()
- open_priv_sock_tcp() has a lower timeout
- RPC related checks now use get_rpc_port(), a function equivalent
to libc's getrpcport() but with a much smaller timeout
- Decreased the default value of checks_read_timeout from 15 to 5
- Fixed a bug in the plugin selection GUI which would not refresh
the list of plugins of a given family properly (bug#3)
- Fixed memory leaks in NASL
- Fixed a bug in nessusd which would make it leak memory when receiving a SIGHUP
(bug#10)
- Fixed a compatibility problem with Nmap 3.10ALPHA (bug#11)
- Nessus now accepts nmap's U: and T: notation for the port range (bug#5)
- Helped Michel Arboi to give the last touches to the new libnasl
. changes by Erik Anderson (eanders@pobox.com)
- Added CVE and BID links, added urls and removed dead links from the plugins
. changes by Michel Scheidell (scheidell@secnap.net)
- Improved several SMB-related checks
. changes by Rodolfo Baader (rbaader@activesec.biz)
- Quotes and apostrophes are properly escaped in the XML output report
Based on pr pkg/19438 by Adrian Portelli.
Changes since 1.2.6:
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The 'cancel' button of several file selection dialogs is now working
- Optimized several plugins :
- Web-related checks now use http_recv() instead of recv()
- open_priv_sock_tcp() has a lower timeout
- RPC related checks now use get_rpc_port(), a function equivalent
to libc's getrpcport() but with a much smaller timeout
- Decreased the default value of checks_read_timeout from 15 to 5
- Fixed a bug in the plugin selection GUI which would not refresh
the list of plugins of a given family properly (bug#3)
- Fixed memory leaks in NASL
- Fixed a bug in nessusd which would make it leak memory when receiving a SIGHUP
(bug#10)
- Fixed a compatibility problem with Nmap 3.10ALPHA (bug#11)
- Nessus now accepts nmap's U: and T: notation for the port range (bug#5)
. changes by Erik Anderson (eanders@pobox.com)
- Added CVE and BID links, added urls and removed dead links from the plugins
. changes by Michel Scheidell (scheidell@secnap.net)
- Improved several SMB-related checks
. changes by Rodolfo Baader (rbaader@activesec.biz)
- Quotes and apostrophes are properly escaped in the XML output report
Changes since 1.2.0:
1.2.6 :
. changes by Michael Slifcak (Michael.Slifcak@guardent.com)
- Added Bugtraq cross reference in the plugins
- Added support for BID in nessusd (this has yet to be done on the
client side)
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- fixed the xml and html outputs
- fixed array issues in a couple of plugins
. changes by Michel Arboi (arboi@bigfoot.com)
- find_service now detects services protected by TCP wrappers or ACL
- find_service detects gnuserv
- ptyexecvp() replaced by nessus_popen() (*)
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a bug which may make nasl interpret backquoted strings
(\n and \r) received from the network (problem noted by Pavel Kankovsky)
- nmap_wrapper.nes calls _exit() instead of exit() (*)
- Solved the lack of bpf's on Free/Open/NetBSD and MacOSX by
sharing _one_ among all the Nessus processes. As a result, Nessus's
ping is much more effective on these platforms
- bugfix in plug_set_key() which would eventually make some scripts
take too long when writing in the KB
- Plugins of family ACT_SETTINGS are run *after* plugins of family
ACT_SCANNERS
- replaced the implementation of md5 which was used when OpenSSL is disabled
by the one from RSA (the old one would not work on a big-endian host)
- Fixed plugins build issues on MacOS X
- The nessus client compiles and links against GTK+-2.0. Of course, it will
be horrible and instable, as the GTK team does not care about backward
compatibility
(*) These two modifications solve the problems of nmap hanging under FreeBSD
1.2.5 :
. changes by Michel Arboi (arboi@bigfoot.com)
- find_service now displays unknown services that run on assigned ports
- read_stream_connection smarter (smaller timeout)
- find_service sometimes declared IDENT as "unknown"
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a deadlock that would prevent some plugins from completing
- Fixed a possible (although rare) corruption issue in the reports
(the script IDs could under some circumstances be random)
- Fixed a potential segfault in the execution of nasl scripts
1.2.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Reverted back to autoconf 2.13.
- Bug fix in nessus-core/nessusd/pluginlaunch.c - under some circumstances,
data might have be lost in the reports
- Fixed a bug in several plugins for web checks (under some circumstances,
a plugin would do N x N checks against the remote web servers (where
N equals to the number of web servers running on the remote host)
1.2.3 :
. changes by Isaac Dawson (idawson@securitymanagementpartners.com)
- New html output layout.
. changes by Pasi Eronen (pasi.eronen@nixu.com)
- fix in nmap_wrapper
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a bug which could make, under some circumstances, make nessusd
crash the host it is running on.
- If the option log_whole_attack is set to "no", then only the begining
and the end of the attack is logged (and not the time each plugin takes)
- Improved no404.nasl to further reduce false positives
- Bug fix in nessusd - under some rare circumstances, report data could
be lost (if many many plugins were enabled at the same time and were
sending data at the same time).
- UDP packets are resent while we wait for a reply (avoids to loose packets
en route)
- Fixed the option "auto_enable_dependencies" which would not always work
- Sending a SIGTERM to the nessus client during a command line scan
forces it to save its result to the current test file
- Non-printables characters are not shown in the report any more
1.2.2 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- In the GUI, while running a scan, plugins names are only updated once
in a while (saves CPU)
- Bugfix in the client : some host names would make the client crash
- Repaired the '-P' switch in the client
1.2.1 :
. changes by Simon Law (sfllaw@engmail.uwaterloo.ca)
- Made a manpage for nessus-mkcert-client(1) and have it installed by
the Makefile
- Revised most other manpages for missing information and to increase
clarity
1.1.15/1.2.0 :
. changes by Nicolas Dubee (ndubee@secway.com) :
- Better support for AF_UNIX sockets
. changes by Brian (bmc@snort.org) :
- CVE references
- several bugfixes in the plugins
. changes by Peter Gründl (pgrundl@kpmg.dk) and
Carsten Joergensen (carstenjoergensen@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- FD leak in save_kb.c fixed
. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
randomly
1.1.14 :
. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
too many open ports (as when a UDP scan reports all UDP ports as
being open)
. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
(dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes
. changes by Jenni Scott (jenni.scott@guardent.com) and
Michael Slifcak (michael.slifcak@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
wording)
1.1.13 :
. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan
1.1.12 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
(thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again
1.1.11 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
Solaris snmpd
. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])
1.1.10 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible.
- Fixed a bug in the command line client which would make it close the
communication too early when the client - server communication is not
ciphered
- Added an "auto-load dependencies at runtime" option
1.1.9 :
. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
segfault when built with cygwin, and which would prevent options
from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
(compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode
. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server
. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)
1.1.8 :
. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor
. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies
. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser
1.1.7 :
. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
(dieter at fiebelkorn.net) who actually started the port and helped
me test this)
- Unscanned ports can now be considered as closed or open (instead of
just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
against Samba and which would make them slow against Windows (pointed out
by Georges Dagousset)
. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin
. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
running
1.1.6 :
. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
in nessus-libraries)
- KB items are now stored with individual dates instead of a global
date for the whole KB file. Yes, this means you have to delete your
old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
host could log in
1.1.5 :
. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes
. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)
. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication
. changes by H D Moore (hdm@secureaustin.com)
- fixed no404.nasl
1.1.4 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes
. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
and the server (which could end up in a deadlock)
. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes
1.1.3 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
the remote CGIs, in order to find the most blantantly broken
ones
- webmirror.nasl now retrieves the list of arguments of each
CGI.
- added filter support in the client. Use the key 'l' to filter
out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
is 1241 now.
1.1.2 :
. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
who listens on tcp ports) die without killing its children, thus
allowing a smooth upgrade of nessusd
- updated config.guess and config.sub
1.1.1 :
. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
(all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)
1.1.0 :
. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
compilation time) if available.
. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support
. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap
. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins
Of course several new plugins were added as well.
1.0.10 :
Changes by Michael Scheidell <scheidell@fdma.com> :
- Backported Nessus 1.1.x plugins changes in nessus-plugins
Changes by Renaud Deraison <deraison@nessus.org> :
- Minor fixes
xtraeme
frueauf
veego
zuntum