Nessus 号称是”世界上最流行的漏洞扫描程序,全世界超过75,000个组织在使用它”.尽管这个扫描程序可以免费下载得到,但是要从Tenable Network Security更新到所有最新的威胁信息,每年的直接订购费用是$1,200.Linux, FreeBSD, Solaris, Mac OS X和Windows下都可以使用 Nessus.
日前 Nessus 发布了 5.0.1 维护版本,该版本主要是 bug 修复:
- Resolved an issue whereas packet forgery was not working on some Windows setups
- Improved the Windows installer which would fail on some setups
- Fixed several thread synchronization issues leading to a crash in certain situations
- Imported v1 reports are more legible
- Nessus can now read a 64-bit database on a 32-bit system and vice-versa
- Identified and resolved a minor memory leak issue occurring on all platforms
- Scanning with a SSL certificate defined in the policy would sometimes cause a scanner crash Workaround for CVE-2011-3389
- Worked around a possible incompatibility with the Fedora 16 / Debian 6 memory allocator
- Restored the ability to log in via certificate authentication on port 1241 when “force_pubkey_auth = no“
- This version of Nessus now includes OpenSSL version 1.0.0h