Nessus 8.11.0 Release Notes - 2020-07-14

Changed Functionality and Performance Enhancements

  • Improved the performance of scans configured with large Tenable.io exclusion lists.

  • Nessus builds are now significantly smaller (around half the size) due to the removal of deprecated audit content.

  • Added log rotation for the nessusd.dump log file, including user-configurable settings to control rotation. See Advanced Settings and Manage Logs in the Nessus 8.11.x User Guide.

  • Password credentials are now hashed using PBKDF with SHA512 and a 512-bit key length.

  • Nessus now supports silent installation and uninstallation on Windows, for easier automation.

  • The advanced settings ssl_mode and ssl_cipher_list are now enforced for communication from Nessus scanners to other systems. Previously, these settings were only used for inbound connections. This does not impact scanning behavior.

For more information about the features and functionality supported in this release, see the Nessus 8.11.x User Guide.

Bug Fixes

| Bug Fix | Defect ID | Applies to |
|---|---|---|
| Fixed an issue where the scanner setting multi_scan_same_host was not being honored consistently. | 00998706 | All Nessus versions |
| Fixed a memory leak with encoding conversions that could cause scanners to abort. | 01022081 | All Nessus versions |
| Improved the processing of scan policies with large numbers of disabled plugins to prevent timeouts during scan initialization. | 00966532 | Tenable.io-linked scanners |
| Fixed an issue where Tenable.io exclusion lists were not being honored if the request to Tenable.io timed out. | 01029956 | Tenable.io-linked scanners |
| Fixed an issue with migrating scan policy data to Tenable.io where the "audit trail verbosity" setting was not recognized by Tenable.io. | 01000615 | Tenable.io-linked scanners |
| Added the ability for the parent node in a Nessus Manager cluster to reload running scans after restarting, to prevent scan aborts on plugin updates or other restarts. | 01016242 | Nessus Manager |
| Fixed an issue with the list of plugins that appear when creating a scan with a user-defined policy. | 00990367 | Nessus Professional |
| Fixed an XSS vulnerability in the Nessus user interface. | - | Nessus Professional |

Upgrade Notes

  • Due to the removal of some deprecated content, this version of Nessus is noticeably smaller than earlier versions.

  • A fix has been made to correctly use the default setting for "multi_scan_same_host", which prevents multiple hostnames that coalesce to a single IP from being scanned in parallel. While this enforces the expected behavior, it may have the effect of slowing down scans in some cases. Customers can change this default behavior on their on-premise scanners by setting "multi_scan_same_host" to "yes".
  • You can upgrade to the latest version of Nessus from any previously supported version.
  • If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
  • Tenable.io-linked scanners receive the latest software update starting one week after the Nessus general availability (GA) date.

    • If you want your scanners to automatically update to the newest version prior to that date, set your Nessus Update Plan to Opt in to Early Access releases.
    • If you want to manually update your scanners to the latest version prior to that date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
  • For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:

    • Windows 7 SP1
    • Windows Server 2008 SP2
    • Windows Server 2008 R2 SP1