Nessus 5.0.1 Released
Tenable is pleased to announce the release of Nessus 5.0.1! This is a point release (moving from 5.0 to 5.0.1), containing enhancements and minor bug fixes. This release improves the stability on all platforms, and solves Windows-specific issues related to installation and packet forgery.
New features
From a user perspective, the only change is that it is now possible to specify a separate list of UDP and TCP ports to scan on all targets. This is set in the "Port scanner range" field when you create a new policy or modify an existing one (e.g. if you wanted to scan TCP ports 1-1024 and UDP ports 1-200 the syntax is: "T:1-1024,U:1-200"). Also, a build for FreeBSD version 9 is now available.
Enhancements & Bug Fixes
In addition, several enhancements and bug fixes are included:
- Resolved an issue whereas packet forgery was not working on some Windows setups
- Improved the Windows installer which would fail on some setups
- Fixed several thread synchronization issues leading to a crash in certain situations
- Imported v1 reports are more legible
- Nessus can now read a 64-bit database on a 32-bit system and vice-versa
- Identified and resolved a minor memory leak issue occurring on all platforms
- Scanning with a SSL certificate defined in the policy would sometimes cause a scanner crash
- Workaround for CVE-2011-3389
- Worked around a possible incompatibility with the Fedora 16 / Debian 6 memory allocator
- Restored the ability to log in via certificate authentication on port 1241 when "force_pubkey_auth = no"
- This version of Nessus now includes OpenSSL version 1.0.0h
New customers can download and evaluate Nessus for free by visiting the Nessus homepage. Current customers can download the new version from the Tenable Support Center.
Detailed instructions and notes on upgrading can be found in the Nessus Documentation. Please contact Tenable Support (support-at-tenable.com) with any questions regarding the upgrade to Nessus 5.0.1. You can also visit the Nessus Discussion portal for more information.
Related Articles
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
October 23, 2023Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures
May 17, 2022The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations by scanning Infrastructure as Code repositories.
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Nessus