Nessus 5.0.1 Released
Tenable is pleased to announce the release of Nessus 5.0.1! This is a point release (moving from 5.0 to 5.0.1), containing enhancements and minor bug fixes. This release improves the stability on all platforms, and solves Windows-specific issues related to installation and packet forgery.
New features
From a user perspective, the only change is that it is now possible to specify a separate list of UDP and TCP ports to scan on all targets. This is set in the "Port scanner range" field when you create a new policy or modify an existing one (e.g. if you wanted to scan TCP ports 1-1024 and UDP ports 1-200 the syntax is: "T:1-1024,U:1-200"). Also, a build for FreeBSD version 9 is now available.
Enhancements & Bug Fixes
In addition, several enhancements and bug fixes are included:
- Resolved an issue whereas packet forgery was not working on some Windows setups
- Improved the Windows installer which would fail on some setups
- Fixed several thread synchronization issues leading to a crash in certain situations
- Imported v1 reports are more legible
- Nessus can now read a 64-bit database on a 32-bit system and vice-versa
- Identified and resolved a minor memory leak issue occurring on all platforms
- Scanning with a SSL certificate defined in the policy would sometimes cause a scanner crash
- Workaround for CVE-2011-3389
- Worked around a possible incompatibility with the Fedora 16 / Debian 6 memory allocator
- Restored the ability to log in via certificate authentication on port 1241 when "force_pubkey_auth = no"
- This version of Nessus now includes OpenSSL version 1.0.0h
New customers can download and evaluate Nessus for free by visiting the Nessus homepage. Current customers can download the new version from the Tenable Support Center.
Detailed instructions and notes on upgrading can be found in the Nessus Documentation. Please contact Tenable Support (support-at-tenable.com) with any questions regarding the upgrade to Nessus 5.0.1. You can also visit the Nessus Discussion portal for more information.
Related Articles
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
October 23, 2023Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures
May 17, 2022The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations by scanning Infrastructure as Code repositories.
Cybersecurity Snapshot: Latest MITRE ATT&CK Update Offers Security Insights on GenAI, Identity, Cloud and CI/CD
April 26, 2024Check out what’s new in Version 15 of the MITRE ATT&CK knowledge base of adversary tactics, techniques and procedures. Plus, learn the latest details about the Change Healthcare breach, including the massive scope of the data exfiltration. In addition, why AI cyberthreats aren’t impacting CISOs’ budgets. And much more!
CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor
April 25, 2024Frequently asked questions about CVE-2024-20353 and CVE-2024-20359, two vulnerabilities associated with “ArcaneDoor,” the espionage-related campaign targeting Cisco Adaptive Security Appliances.
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited
April 23, 2024A zero-day vulnerability in CrushFTP was exploited in the wild against multiple U.S. entities prior to fixed versions becoming available as the vendor recommends customers upgrade as soon as possible.
- Nessus