Tenable Announces the Release of Nessus 3.0.2

Tenable is happy to announce the availability of Nessus 3.0.2. Nessus 3.0.2 provides further improvements over the previous release, and also fixes several bugs. Here is the list of changes since 3.0.1 :

nessusd:

• Fixed a problem causing the scan to hang if max_checks was set to a value which is way too high
• Plugged a small memory leak occurring when re-using the same connection to perform an additional scan
• Plugged a small memory leak in the plugins scheduler
• Fixed bug#1426 (crash on startup when processing a malformed nessusd.conf file)
• Improved the 'default' list of ports to scans with a new file 'nessus-services'

nessus:

• 'nessus -V' (verbose) works again

nasl:

• A new function, inject_packet(), can write directly to layer 2
• The function 'end_denial()' would not work when used in command-line mode
• Fixed a potential bus error occurring on memory exhaustion
• Fixed an integer overflow causing a segfault when processing some kind of malformed script

libnessus:

• Fixed a bug in the SSL transport layer which may cause find_services.nes to hang longer than expected on SSL_read()
• Fixed the function in charge of getting the list of network interfaces which would get a wrong netmask when dealing with an interface alias

plugins:

• Fixed several bugs in find_services.c which would not properly set the key Transport/SSL or which may read some data beyond its buffer
• Fixed a bad #if/#endif clause in nessus_tcp_scanner.c which prevented it from recomputting the RTT, hence negatively impacting the performance
• nmap.nasl has been removed from the main distribution (to use nmap from within Nessus, read this page)

•   More