Earlier we have discussed several times about Nessus, a proprietary comprehensive vulnerability scanning tool. After almost six months, yet again Tenable Network Security officially announced the availability ofNessus 5.0.2. According to surveys done by sectools.org, Nessus is the world's most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey. Tenable estimates that it is used by over 75,000 organizations worldwide. This update is largely a bugfix release, however a new build for Solaris 10 is now available. The major issues addressed in 5.0.2 include enhanced support for UTF8 encoding problems in reports and the detection of network congestion errors during scans more conservatively.
Official Change Log for Nessus 5.0.2:
- UTF8 encoding problems would sometimes cause the generation of reports to fail
- Fixed a case where generating some compliance checks reports would cause the scanner to hang, using 100% of the CPU
- Resolved a resource leak issue occurring when a large number of different users are connected at the same time
- Network congestion errors are now detected more conservatively
- Upgraded libxml2, libxslt, openssl to their newest versions
- Some nessusd.rules directives were not honored by the port scanners
- Solaris 10 build
- Smarter max_hosts and global.max_hosts defaults
- Added support for named virtual hosts for IPv6
- Fixed a memory leak when mixing IPv4 and IPv6 targets
- Fixed the systemd control script (Fedora 16)
- Fixed a crash in nessus-mkcert on the command-line (Win32)
- Fixed a crash in localtime(), when passed an invalid argument (Win32)
- Fixed scratchpad_query() to allow NULL arguments
- PSSDK fix (Win32)
0 komentar:
Posting Komentar