Software Update: Nessus 8.15.0

Nessus is a security scanner that can scan a network for known exploits and open services. Results can then be displayed in various reports to be displayed. The software can also integrated with other packages, such as CyberArk for credential management and emm solutions from Microsoft, Apple, BlackBerry, MobileIron and VMware. Nessus comes in three different flavors: the free-to-use Home edition, and the paid Professional and Manager editions. Tenable has released Nessus 8.15.0 with the following changes:

Security Updates

The following are security updates included in Nessus 8.15.0:

• This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.
• A vulnerability where after an installation occurs and the user runs a repair on the installation, the repair option allows any user to execute the action without admin privileges has been fixed.
• Two third-party libraries (SQLitesqlite)were identified as vulnerable and have been updated.

New Features

The following are the new features included in Nessus 8.15.0:

• Nessus CLI now supports a new command, nessuscli import-certs, to add certificates, validate that they are matching, and place them in the correct directory. For more information, see Nessuscli in the Nessus User Guide.

Changed Functionality and Performance Enhancements

The following additional enhancements are included in Nessus 8.15.0:

• Nessus now uses Npcap as a Windows packet capture library, instead of WinPcap, which was discontinued.
  Note: The upgrade to 8.15.0 installs Npcap but does not remove WinPcap in case your system runs other software dependent on WinPcap. If you manually uninstall WinPcap, Nessus cannot automatically downgrade from 8.15.0 to a prior release. If you remove WinPcap from your system but want to install a version of Nessus earlier than 8.15.0, you must manually install earlier versions via the download package. Similarly, a new installation of Nessus 8.15.0 cannot automatically downgrade to earlier versions; you must manually install earlier versions via a download package.
• The Windows 2008 OS is no longer supported.
• Implemented multiple improvements for logging:
  • A new log file, nessuscli.log, logs all Nessus CLI operations.
  • Improved logging to show successful and failed scan uploads.
  • Improved logging for www_server.log to show start, end, and elapsed times for each access to the Nessus web server.
  • Nessus scanner type added to the log.
  • pre_sig.txt & post_sig.txt have been combined into other_logs.txt.
  • Nessus now uses milliseconds timestamps in backend.log.
  • Added to logs when a scan fails due to missing files instead of ignoring.
  • Advanced settings of agent scan for “Audit Trail Verbosity” and “Include the KB”, settings override the server advanced settings called “agent_merge_audit_trail” and “agent_merge_kb” if disabled to ensure proper function.
• A new Advanced Setting, merge_plugin_results, was added to support merging plugin results for plugins that generate multiple findings with the same host, port, and protocol. This setting is recommended to be enabled for scanners linked to Tenable.sc. For more information about the features and functionality supported in this release, see the Nessus 8.15 User Guide.

Bug Fixes

• Fixed an issue where agents would not link after transitioning from Nessus Manager to Tenable.io.
• Fixed an issue where scheduled scans in Nessus Manager would fail
• Fixed an issue where there is a discrepancy in CSV file generated from compliance scan export vs what is shown in the UI
• Fixed an issue where an IPv6 target scan would fail.
• Fixed an issue where Nessus would ignore certain rules.