As always we are excited to announce a new release of the Nessus vulnerability scanner. This is a point release (moving from 4.2.1 to 4.2.2) and applies fixes to the scanning engine itself in addition to some of the utilities. The GUI has not been updated in this release, however GUI changes will be implemented and released independently from a point release.
The list below outlines the changes included in the 4.2.2 release:
- nessus-fetch binary:
- Proxy authentication now works on Windows
- Proxy authentication (NTLM) with a username and domain now works
- In some cases, the last nessus-fetch.rc statement might be ignored
- Fixed a memory leak in the NASL xmlparse() function
- Fixed IPv6 routing when talking to a remote host (FreeBSD, Mac OS X)
- Packet forgery was not always working on ES5 64 bits due to a gcc bug on this platform
- Fixed the Debian /etc/rc init script
- Upgraded OpenSSL to version 0.9.8n (Windows, Solaris)
- Stability improvements
- Fixed a possible crash when using a poorly written custom plugin
- Fixed a possible crash when running out of BPFs on Windows
New customers can download and evaluate Nessus for free by visiting the Nessus homepage. Current customers can download the new version from the Tenable Support Portal. Detailed instructions and notes on upgrading are located in the Nessus 4.2 Installation Guide. Please contact Tenable Support ([email protected]) with any questions regarding the upgrade to Nessus 4.2.2.