[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q1 2004-07-22T14:59:53Z 2004-07-22T14:59:53Z adam adam 2004-07-22T14:59:53Z urn:sha1:57f52a6405d036b711822bc15272d6d19a680650 * Fixed a bug in ./configure which would sometimes assume that GTK is not installed whereas it actually is * Fixed a race condition in nessus-adduser for users who do not configure their TMPDIR variable (thanks to Cyrille Barthelemy) * Fixed a bug in nessus-update-plugins which would not update the plugins properly on all systems (thanks to Keith Butler) * Fixed the installer to compile Nessus with GTK support if gtk-config OR pkg-config is installed. 2004-07-20T11:47:41Z adam adam 2004-07-20T11:47:41Z urn:sha1:6bfa3efe1ed647f2cc75a8684af245864edfd36e * Solaris support fix * HTML support fix * Supports GTK+ 2.x * Minor speed improvements in client-server communication 2004-05-19T16:22:58Z adam adam 2004-05-19T16:22:58Z urn:sha1:4b25e81a32550b44febb8629f20b385c781fb3b2 * Fixed MacOS X portability issues * Non-intrusive OS-fingerprinting (based on xprobe's techniques) * DNS fingerprinting * killall -1 nessusd does not restart the bpf server on BSD systems * longer connect() timeout for TCP sockets * Fixed hydra.nes * WWW fingerprinting * IP addresses are now sorted in EVERY reports * Automagically rewrite banners to handle distributions which do backporting of security fixes (ie: Debian) 2003-11-08T07:40:17Z xtraeme xtraeme 2003-11-08T07:40:17Z urn:sha1:6a51ba17f433902263181a9362112f7ad3bcc740 This closes PR pkg/23159 by Adrian Portelli. Changes since 2.0.7: o The bpf sharing system now works fine on BSD systems, so Nessus now only requires one /dev/bpf to work correctly, no matter how many hosts are being tested o A bug in tcp_ping() would make some probes have a source port set to 0 o Minor bug fixes o Added functions in libnasl (join_multicast_group(), unixtime(), and more...) o All SSL operations now use non-blocking sockets instead of the alarm() trick to handle timeouts o Minimize the number of pixmaps that need to be created in the Nessus client by re-using them Review the Changelog file to see a complete list of changes. 2003-09-02T09:29:47Z frueauf frueauf 2003-09-02T09:29:47Z urn:sha1:0312dffc508010048182818f706cfb0724bf43ca Based on pr pkg/22356 by Adrian Portelli. Changes since 2.0.6a: . changes by Renaud Deraison (deraison@cvs.nessus.org) - Fixed bad performances issues when pinging dead hosts - Fixed a bug which would prevent to store items larger than 2kb in the KB - NFS and SMB file-related functions completed (open, read and cwd are implemented) - Plugins support for Windows 2003 - Network IPs can now be evenly sliced instead of being scanned sequentially - User-definable source-IP(s) for the checks (nessusd -S) - Fixed a possible message corruption problem if a plugin was to send a too long message back to nessusd - Fixed a possible plugin corruption problem when the client overwrites existing plugins - Fixed various false positives and wording issues in several plugins 2003-06-09T17:01:24Z frueauf frueauf 2003-06-09T17:01:24Z urn:sha1:8e08a019dcaab4998639d5e6e62d3796fdcdc33c This also includes changes offered in pr pkg/18734 and pr pkg/20796 submitted by Adrian Portelli. Thanks & Sorry that it took that long to pick them up. 2.0.6 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - Support for the keyword 'default' as a port range in nmap_wrapper.nes - Fixed a zombie issue in nmap_wrapper.nes - Fixed various issues which could allow a NASL script to crash the NASL interpretor - Improved the process management in find_services.nes 2.0.5 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - Fixed a rare race condition which may make the scan hang - Fixed SMB related issues - Entering "default" as the port range will make nessusd scan the ports listed in the Nessus services file. - Even more sigs in find_services.nes . changes by Julien Bordet (zejames@greyhats.org) - Added over 3,000 signatures to smtpscan.nasl (thanks to the data provided by the Nessus team) 2.0.4 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - fixed the SIGCHLD handler which would not work properly and leave zombies on the system - fixed a race condition when testing a great number of hosts which would cause a testing process to slow down a whole audit or even hang it totally - When a great number of host names is passed to nessusd as a target, they are resolved by chunks of 64 instead of trying to resolve everything then starting the test - RedHat 9 support (in spite of their attempt to make their distro incompatible with everyone else) . changes by Gabriel L. Somlo <somlo@acns.colostate.edu> - The nessus can save the reports to stdout and read them from stdin 2.0.3 : - fixed a compilation error which would prevent find_services from working properly 2.0.2 : . changes by Michel Arboi (arboi@alussinan.org) - NASL port of smtpscan (original Perl program by Julien Bordet) - Nasty bug made loop stop prematurely on rare cases . changes by Renaud Deraison (deraison@cvs.nessus.org) - Re-wrote webmirror.nasl from scratch. The new version has a real parser built-in and is much faster - Added checks for older Microsoft Advisories - SMB plugins now use NTMLv1 authentication, ie: they don't send passwords in clear text over the network any more - Added new crypto functions, taken from samba, in libnasl/ - Repaired detached scans - Fixed IP ranges notation (10.1.1-9.1-254 did not work any more) - Minor bug fixes and enhancements : #234, #233, #230, #229, #228, #225, #222, #220, #218, #217, #216, #215, #213, #212, #211, #207, #206, #205 - nessus-update-plugins properly calls chown under FreeBSD, no matter how many plugins there are - find_services.nes recognizes even more protocols . changes by Xueyong Zhi <zhi@mail.eecis.udel.edu> - Added NTLMv2 authentication . changes by Frank Migge (frank.migge@oracle.com) - nessus-mkcert-client creates the auth/rules file properly 2.0.1 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - Minor bugfixes (bugs #180, #183, #185, #188, #189, #195, #197, #202, #203, #204) - Fixed the "pink" graphical report issue - Added http keep-alive support in the CGI related plugins - Fixed a bug in the function get_kb_list() which would not always work properly - Fixed an issue where in some situations, some HTTP services would not be tested for flaws if they have not been port-scanned first - Added new signatures in find_services.nes . changes by Stephen Friedl (steve@unixwiz.net) - Fixed bugs and warnings in nessus-libraries 2.0.0 : . changes by Michel Arboi (arboi@alussinan.org) - NASL2 : Implement >!< "strings don't match" operator - NASL2 : fixed a vicious case of freed memory copy. . changes by Renaud Deraison (deraison@cvs.nessus.org) - Fixed a small bug in the plugin scheduler - Ported to IRIX - Several small bugfixes . changes by Xueyong Zhi <zhi@mail.eecis.udel.edu> - Added nmap_osfingerprint 1.3.4 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - Re-written the process manager for the hosts - Lots of bugfixes in the plugins text store manager - New port scanner "synscan" which uses the RTT of the packets to do its job. - Fixed several small issues in nasl and nessusd (bug fixes, code cleanup) - Added cryptographic hashing functions in NASL - Added the function get_kb_list() which returns the content of a KB without forking the plugin - Updated the manpages of nessusd and nasl . changes by Michel Arboi (arboi@alussinan.org) - Fixed scanner_get_port() when running in standalone mode - Fixed possible uninitiliazed memory issues in libnasl - Started to write the NASL2 reference guide (to be found in libnasl/doc/) 1.3.3 : . changes by Michel Arboi (arboi@alussinan.org) - Implement bit xor, logical & aithmetic right shift, power - Fix operator precedence - Added new NASL functions . changes by Renaud Deraison (deraison@cvs.nessus.org) - The plugin texts are not loaded in memory any more, thus reducing the consumption of the nessus daemon of two megs. This also speeds up the loading of nessusd. - Fixed a bug in the plugins scheduler (if optimizations were enabled, the scan would sometime hang) - Added a new NASL function (int()) - Fixed strings substraction to handle null values properly - find_services.nes runs in parallel mode, for improved speed - new plugin (synscan) which should perform well against firewalled hosts (computes the RTT before the scan) 1.3.2 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - Added fixes so that nessus-core/nessusd/pluginscheduler.c compiles with the latest version of GCC - Fixed a bug in nessus-libraries/libnessus/bpf_share.c : a timer would not be reset, causing plugins which call bpf_next() to sometimes crash - Set the timer of bpf_share.c to a much lower value, thus making it work much better - Improved tcp_ping() - Fixed two bugs in the plugins scheduler : - If the option "enable dependencies at runtime" is set, it would enable ALL the plugins which are depended on, instead of only those we use ; - In some cases, it may terminate too early, thus preventing a scan from being complete - DESTDIR support 1.3.1 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - Rewrote the plugins scheduler (which determines the order in which the plugins are to be launched). The new one is much more efficient but as a result, it is not possible to accurately determine the order in which the plugins will be ran, so the 'plugin name' in the client is now totally bogus - Fixed various issues with NASL scripts so that they work better with NASL2 - Fixed bugs relative to the creation of icmp and udp packets in nasl - Fixed some fatal bugs in the bpf sharer - NASL scripts do not read /dev/urandom any more, and use time() as a random seed instead. As a result, the loading and execution of nasl scripts if faster on systems where /dev/urandom can be blocking - Fixed the tcp NIDS evasion techniques on BSD systems - Full support for Bugtraq IDs - The HTML reports add links for URLs, and show the ID number of the plugin that issues the report. - Speed up the calls to arg_get_value() by using a hash of the name being searched for. - Changed the licence of NASL2 to the GPLv2 (with the consent of Michel Arboi) . changes by Michel Arboi (arboi@alussinan.org) - Better handling of the arrays in NASL2 . changes by Erik Anderson (eanders@carmichaelsecurity.com) - CVE and bugtraq cross references . changes by Jay (jay@kinetic.org) - Fixed multiple typos in the plugins . changes by Javier Fernandez-Sanguino (jfernandez@germinus.com) - Nessus now ships Hydra 2.2 - Fixed various compilation scritps (see bug#63) 1.3.0 : . changes by Michel Arboi (arboi@alussinan.org) - Use our own nessus-services file (re-generated at first start to include /etc/services and nmap-services) - Added new families of plugins (ACT_KILL_HOST and ACT_END) - Rewrote libnasl . changes by Renaud Deraison (deraison@cvs.nessus.org) - The 'cancel' button of several file selection dialogs is now working - Optimized several plugins : - Web-related checks now use http_recv() instead of recv() - open_priv_sock_tcp() has a lower timeout - RPC related checks now use get_rpc_port(), a function equivalent to libc's getrpcport() but with a much smaller timeout - Decreased the default value of checks_read_timeout from 15 to 5 - Fixed a bug in the plugin selection GUI which would not refresh the list of plugins of a given family properly (bug#3) - Fixed memory leaks in NASL - Fixed a bug in nessusd which would make it leak memory when receiving a SIGHUP (bug#10) - Fixed a compatibility problem with Nmap 3.10ALPHA (bug#11) - Nessus now accepts nmap's U: and T: notation for the port range (bug#5) - Helped Michel Arboi to give the last touches to the new libnasl . changes by Erik Anderson (eanders@pobox.com) - Added CVE and BID links, added urls and removed dead links from the plugins . changes by Michel Scheidell (scheidell@secnap.net) - Improved several SMB-related checks . changes by Rodolfo Baader (rbaader@activesec.biz) - Quotes and apostrophes are properly escaped in the XML output report 2002-12-30T12:13:33Z frueauf frueauf 2002-12-30T12:13:33Z urn:sha1:92aba75b4cafbce7c396dd6b976908b052a348c3 in private mail. 2002-12-19T18:30:12Z frueauf frueauf 2002-12-19T18:30:12Z urn:sha1:e00a8fd914520c4852c743b9605790d4daf0147b Based on pr pkg/19438 by Adrian Portelli. Changes since 1.2.6: . changes by Renaud Deraison (deraison@cvs.nessus.org) - The 'cancel' button of several file selection dialogs is now working - Optimized several plugins : - Web-related checks now use http_recv() instead of recv() - open_priv_sock_tcp() has a lower timeout - RPC related checks now use get_rpc_port(), a function equivalent to libc's getrpcport() but with a much smaller timeout - Decreased the default value of checks_read_timeout from 15 to 5 - Fixed a bug in the plugin selection GUI which would not refresh the list of plugins of a given family properly (bug#3) - Fixed memory leaks in NASL - Fixed a bug in nessusd which would make it leak memory when receiving a SIGHUP (bug#10) - Fixed a compatibility problem with Nmap 3.10ALPHA (bug#11) - Nessus now accepts nmap's U: and T: notation for the port range (bug#5) . changes by Erik Anderson (eanders@pobox.com) - Added CVE and BID links, added urls and removed dead links from the plugins . changes by Michel Scheidell (scheidell@secnap.net) - Improved several SMB-related checks . changes by Rodolfo Baader (rbaader@activesec.biz) - Quotes and apostrophes are properly escaped in the XML output report 2002-10-13T09:11:51Z frueauf frueauf 2002-10-13T09:11:51Z urn:sha1:3c32f23c62f67c40a370adb391ce3587d7cf86c3 Changes since 1.2.0: 1.2.6 : . changes by Michael Slifcak (Michael.Slifcak@guardent.com) - Added Bugtraq cross reference in the plugins - Added support for BID in nessusd (this has yet to be done on the client side) . changes by Axel Nennker (Axel.Nennker@t-systems.com) - fixed the xml and html outputs - fixed array issues in a couple of plugins . changes by Michel Arboi (arboi@bigfoot.com) - find_service now detects services protected by TCP wrappers or ACL - find_service detects gnuserv - ptyexecvp() replaced by nessus_popen() (*) . changes by Renaud Deraison (deraison@cvs.nessus.org) - Fixed a bug which may make nasl interpret backquoted strings (\n and \r) received from the network (problem noted by Pavel Kankovsky) - nmap_wrapper.nes calls _exit() instead of exit() (*) - Solved the lack of bpf's on Free/Open/NetBSD and MacOSX by sharing _one_ among all the Nessus processes. As a result, Nessus's ping is much more effective on these platforms - bugfix in plug_set_key() which would eventually make some scripts take too long when writing in the KB - Plugins of family ACT_SETTINGS are run *after* plugins of family ACT_SCANNERS - replaced the implementation of md5 which was used when OpenSSL is disabled by the one from RSA (the old one would not work on a big-endian host) - Fixed plugins build issues on MacOS X - The nessus client compiles and links against GTK+-2.0. Of course, it will be horrible and instable, as the GTK team does not care about backward compatibility (*) These two modifications solve the problems of nmap hanging under FreeBSD 1.2.5 : . changes by Michel Arboi (arboi@bigfoot.com) - find_service now displays unknown services that run on assigned ports - read_stream_connection smarter (smaller timeout) - find_service sometimes declared IDENT as "unknown" . changes by Renaud Deraison (deraison@cvs.nessus.org) - Fixed a deadlock that would prevent some plugins from completing - Fixed a possible (although rare) corruption issue in the reports (the script IDs could under some circumstances be random) - Fixed a potential segfault in the execution of nasl scripts 1.2.4 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - Reverted back to autoconf 2.13. - Bug fix in nessus-core/nessusd/pluginlaunch.c - under some circumstances, data might have be lost in the reports - Fixed a bug in several plugins for web checks (under some circumstances, a plugin would do N x N checks against the remote web servers (where N equals to the number of web servers running on the remote host) 1.2.3 : . changes by Isaac Dawson (idawson@securitymanagementpartners.com) - New html output layout. . changes by Pasi Eronen (pasi.eronen@nixu.com) - fix in nmap_wrapper . changes by Renaud Deraison (deraison@cvs.nessus.org) - Fixed a bug which could make, under some circumstances, make nessusd crash the host it is running on. - If the option log_whole_attack is set to "no", then only the begining and the end of the attack is logged (and not the time each plugin takes) - Improved no404.nasl to further reduce false positives - Bug fix in nessusd - under some rare circumstances, report data could be lost (if many many plugins were enabled at the same time and were sending data at the same time). - UDP packets are resent while we wait for a reply (avoids to loose packets en route) - Fixed the option "auto_enable_dependencies" which would not always work - Sending a SIGTERM to the nessus client during a command line scan forces it to save its result to the current test file - Non-printables characters are not shown in the report any more 1.2.2 : . changes by Renaud Deraison (deraison@cvs.nessus.org) - In the GUI, while running a scan, plugins names are only updated once in a while (saves CPU) - Bugfix in the client : some host names would make the client crash - Repaired the '-P' switch in the client 1.2.1 : . changes by Simon Law (sfllaw@engmail.uwaterloo.ca) - Made a manpage for nessus-mkcert-client(1) and have it installed by the Makefile - Revised most other manpages for missing information and to increase clarity 2002-08-04T08:02:38Z veego veego 2002-08-04T08:02:38Z urn:sha1:eb648062ab350fb5a717950ed6765d429b1bcf69 later correctly used with the @dirrm prefix to be removed, but having a second one here cause some problems while removing the package.