Linux Malicious Process Detection

critical Nessus Plugin ID 71261

Version 1.505

Dec 18, 2024, 9:32 PM

  • Detection (Set a prompt of our own in 'nix shells to handle misconfigured scan user prompts)

Plugin Feed: 202412182132

Version 1.504

Dec 18, 2024, 7:05 AM

  • Detection (Fixed SSH authentication using the "none" method)

Plugin Feed: 202412180705

Version 1.503

Dec 6, 2024, 8:13 PM

  • Detection (Better debugging related to local checks evaluations)

Plugin Feed: 202412062013

Version 1.502

Dec 3, 2024, 6:56 PM

  • New

Plugin Feed: 202412031856

Version 1.501

Dec 3, 2024, 3:59 PM

  • Detection (Support Azure Linux for generated package plugins.)

Plugin Feed: 202412031559

Version 1.500

Nov 6, 2024, 2:41 PM

  • Detection (adding support for Forescout CounterACT)

Plugin Feed: 202411061441

Version 1.499

Oct 10, 2024, 4:58 AM

  • Detection (Change dir to $HOME before find commands to handle weird find behavior with escalation.)

Plugin Feed: 202410100458

Version 1.498

Sep 25, 2024, 3:12 PM

  • Detection (Adding support for user-supplied timeout value for the find command.)

Plugin Feed: 202409251512

Version 1.496

Sep 11, 2024, 5:35 PM

  • New (Detects QUIC servers running on the target. Implement a NASL QUIC library to support detection of HTTP/3 and possibly more)

Plugin Feed: 202409111735

Version 1.495

Sep 3, 2024, 11:47 PM

  • Logic Changes (additional data collection for runtime scanning. fixed logic bug causing potential false negatives. fixed logic bug causing potential false positives. fixed logic bug with potential to break cyberark logins)

Plugin Feed: 202409032347

Version 1.494

Sep 3, 2024, 5:26 PM

  • Detection (Support for Aruba CPPM SSH based local checks)

Plugin Feed: 202409031726

Version 1.493

Aug 14, 2024, 8:33 PM

  • Logic Changes (Endianness fix in Kerberos authentication for SCAP scanning)

Plugin Feed: 202408142033

Version 1.492

Aug 8, 2024, 4:43 PM

  • Logic Changes (Support OpenSSH private key formats for authentication.)

Plugin Feed: 202408081643

Version 1.491

Jul 24, 2024, 6:31 PM

  • Logic Changes (Modernize SSH usage to optimize behavior on Nessus Agents.. adding AI family)

Plugin Feed: 202407241831

Version 1.490

Jul 17, 2024, 11:02 PM

  • Logic Changes

Plugin Feed: 202407172302

Version 1.489

Jul 6, 2024, 12:22 AM

  • Detection (Changes to support Juniper Session Smart Router)

Plugin Feed: 202407060022

Version 1.488

Jul 5, 2024, 9:04 PM

  • Detection (Adding detection of Juniper SSR devices)

Plugin Feed: 202407052104

Version 1.487

Jun 27, 2024, 9:09 PM

  • New (Deploy nessus_utils binaries on the Nessus Agent)

Plugin Feed: 202406272109

Version 1.486

Jun 21, 2024, 6:31 PM

  • Detection (updated detection for SonicOS devices)

Plugin Feed: 202406211831

Version 1.485

Jun 21, 2024, 2:16 PM

  • Logic Changes

Plugin Feed: 202406211416

Version 1.484

May 20, 2024, 10:13 AM

  • Logic Changes

Plugin Feed: 202405201013

Version 1.483

Mar 19, 2024, 6:40 PM

  • Logic Changes (Improving logging to reduce disk space usage)

Plugin Feed: 202403191840

Version 1.478

Jan 16, 2024, 8:55 PM

  • Logic Changes (Improving debug logging)

Plugin Feed: 202401162055

Version 1.476

Jan 16, 2024, 5:39 PM

  • Detection (Add carrier grade NAT IPs to the IPv4 private address ranges.. Support privacy mode DCOM over Kerberos)
  • Logic Changes (Improving debug logging)

Plugin Feed: 202401161739

Version 1.473

Dec 11, 2023, 6:11 PM

  • Detection (Fix error handling for find_cmd. Remove bash error from the output of commands that timed out)

Plugin Feed: 202312111811

Version 1.472

Dec 6, 2023, 12:08 AM

  • Logic Changes (Fixes bug in special case shell handling logic.)

Plugin Feed: 202312060008

Version 1.471

Dec 5, 2023, 9:49 PM

  • Logic Changes (Fixes bug in special case shell handling logic.)

Plugin Feed: 202312052149

Version 1.469

Nov 28, 2023, 11:17 AM

  • Detection (Fixing detection of Cisco Firepower devices)

Plugin Feed: 202311281117

Version 1.468

Nov 27, 2023, 6:11 PM

  • Detection (No longer fall back to the legacy SSH library. Only use the old library explicitly.)

Plugin Feed: 202311271811

Version 1.467

Nov 14, 2023, 4:21 PM

  • Detection (Support SHA2 based encryption for Kerberos)

Plugin Feed: 202311141621

Version 1.467

Nov 27, 2023, 4:16 PM

  • Detection (No longer fall back to the legacy SSH library. Only use the old library explicitly.)

Plugin Feed: 202311271616

Version 1.465

Oct 30, 2023, 1:08 PM

  • Detection (Fixed detection of JUNOS)

Plugin Feed: 202310301308

Version 1.464

Oct 25, 2023, 5:17 PM

  • Detection (Handle SSH exec hang and pagination ctrl codes for PanOS)

Plugin Feed: 202310251717

Version 1.457

Oct 4, 2023, 11:07 PM

  • Detection (Fixed Cisco Firepower detection)

Plugin Feed: 202310042307

Version 1.456

Sep 26, 2023, 8:16 PM

  • Logic Changes

Plugin Feed: 202309262016

Version 1.453

Jul 24, 2023, 7:10 PM

  • Logic Changes (added debugging)

Plugin Feed: 202307241910

Version 1.451

Jul 17, 2023, 5:15 PM

  • Logic Changes (Make torture_cgi library PCP clean and consolidate utf16_to_ascii(). Permit CIDR entries in target priority list)

Plugin Feed: 202307171715

Version 1.449

Jul 10, 2023, 7:11 PM

  • Logic Changes (Restrict ClientHello ciphersuites by encapsulation)

Plugin Feed: 202307101911

Version 1.448

Jul 5, 2023, 9:03 PM

  • Logic Changes (added ingestion and ability of target priority lists for SSH credentials)

Plugin Feed: 202307052103

Version 1.447

Jun 20, 2023, 9:07 PM

  • Logic Changes (Temporarily limit debug logging)

Plugin Feed: 202306202107

Version 1.442

Jun 1, 2023, 5:27 AM

  • Logic Changes (Better logging)

Plugin Feed: 202306010527

Version 1.441

May 18, 2023, 1:08 AM

  • Detection (Port Alcatel-Lucent OmniSwitch support from ssh_get_info.nasl to ssh_lib as a rate limited device.)

Plugin Feed: 202305180108

Version 1.439

May 16, 2023, 7:02 PM

  • Detection (Authenticate WMI/DCOM using Kerberos credentials.)

Plugin Feed: 202305161902

Version 1.436

May 1, 2023, 9:07 PM

  • Detection (Make and use compatibility wrapper for running commands on scanner localhost to handle deprecation of pread().)

Plugin Feed: 202305012107

Version 1.433

Apr 6, 2023, 6:58 PM

  • Detection (Add Kerberos debug logging)

Plugin Feed: 202304061858

Version 1.431

Mar 8, 2023, 1:05 AM

  • Logic Changes

Plugin Feed: 202303080105

* Changelogs are generally available for changes made after Nov 1, 2022