Nessus 4.0.1 released

Tenable Network Security has released version 4.0.1 of the Nessus vulnerability scanner. This point release includes a variety of minor bug fixes as well as support for additional authentication schemes.

Here’s a summary of some of the fixes and improvements:

Generic

• Fixed memory & register leaks in NASL
• nessus-fetch now supports Basic, Digest, and NTLM proxy authentication schemes
• The timeout for NessusClient TCP socket was too low and has been increased
• The ‘nessus’ cmd line tool would sometimes leave temporary files on the filesystem
• Improved performance for reverse DNS lookups
• Knowledge Base files would sometimes not be created for targets where the user specified a hostname
• Pinging a remote host would sometimes fail if the ARP address of the gateway was not in the local cache

Windows

• On some configurations registration would not complete
• ‘Manage users’ would not change the users passwords
• NessusClient would sometimes close a modified report without asking to save first
• The Nessus server now runs on Windows 7. However, Windows 7 is not officially supported at this time. Features such as packet forgery are not yet functioning.

Mac OS X

• In some cases Nessus would not work on Mac OS X 10.4
• NessusClient would display the IP addresses of the target in reverse order on Mac OS X PPC.

Linux

• On Linux 64-bit versions, Nessus would generate error messages in dmesg.