Questions tagged [nessus]

Nessus is a commercial vulnerability scanner offered by Tenable Security.

Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.

98 questions
0 votes, 1 answer

Changing default Apache version on Mac OS

A security sweep of my network (using Nessus) revealed that my Mac is running a version of Apache (2.4.46) with a few critical vulnerabilities. I've been told I need to upgrade to at least 2.4.47. I'm having issues getting macOS to use the upgraded…
AJ Hurst
0 votes, 0 answers

Introducing vulnerability for testing purposes

I am testing some scripts to compare our Tenable.io reports. I need to compare today's report with yesterday's report on the same Linux target. I need to put some deliberate/test vulnerabilities to show the scripts actually work. Is there any short…
ran1n
0 votes, 0 answers

Tenable Nessus to approve PCI DSS: Microsoft ASP.NET MS-DOS Device Name DoS (PCI-DSS check)

RequestFiltering not working for MS-DOS device name paths I have the same question but I have one app service in Azure. This was scanned by Tenable Nessus to approve PCI DSS CVE: CVE-2007-2897 BID: 51527 EDB-ID: 3965 Medium 64589 Microsoft ASP.NET…
0 votes, 1 answer

Using expect to create the Nessus user

How can I do the same thing as done here using ansible expect to create nessus user (nessuscli) without using Ansible? I am trying the following with no luck: #!/usr/bin/expect -f set timeout -5 spawn /opt/nessus/sbin/nessuscli adduser expect…
Sans
0 votes, 0 answers

How to perform JSON based authentication with Nessus?

I'm trying to configure credentials to do an authenticated scan of a web application on the HTTP Login Form. The application uses JSON parameters to send the credentials. I'm using the "HTTP login form" but the login ends up failing all the time. The…
0 votes, 1 answer

Fail to create a connection with Nessus server

I am trying to get a connection with the Nessus server with the below command in Python, but it failed with an error message. Can you tell me what can be the cause? I have checked my network connection; it is fine. requests.post(…
0 votes, 1 answer

How does Nessus detect CVEs in scans

How does Nessus scanner write plugins for the latest CVEs that don't have a public exploit, in order to identify the vulnerabilities in the network? Does it do banner matching with the available CVE?
M4rkm3n_
0 votes, 1 answer

How to run a process in daemon mode with systemd service?

I've googled and read quite a bit of blogs, posts, etc. on this. I've also been trying them out manually on my EC2 instance. However, I'm still not able to properly configure the systemd service unit to have it run the process in background as I…
breezymri
0 votes, 1 answer

Nessus IO Powershell API HTML/PDF report

When exporting PDF & HTML format reports the reports are empty, best I can tell there needs to be a report attribute but after 5 hours of running through the API and searching every which way I can think of I am not finding anything referencing…
Nick W.
0 votes, 1 answer

How to solve SWEET32 and Logjam vulnerabilities in WebLogic NodeManager process

I got the below vulnerabilities for the NodeManager service in WebLogic version 12.1.3.0.0 and JDK 1.8.0_101-b13 { "port": 5556, "serviceName": "remotewatch?", "protocol": "tcp", "severity": 2, "pluginID": 42873, "pluginName": "SSL Medium…
Raghu
0 votes, 1 answer

Remote Desktop SSL Nessus Vulnerability 2008R2

I have TLS 1.0 completely disabled in the Registry. However Nessus still returns an SSL vulnerability for port 3389 which is Remote Desktop. Specifically the certificate. Why does this come up when TLS 1.0 is turned off? What is the best option to…
MarlonC
0 votes, 1 answer

Rest API to get information on Vulnerability Information (Exploit Available) from nessus scan

I am trying to find a REST API in Nessus to find the Vulnerability Information (Exploit Available). Used https://:8834/scans/(INT)/export and https://ip:port/tokens/{filetoken}/download; the above 2 APIs are working but Vulnerability Information…
user3906723
0 votes, 1 answer

How to fix all critical issues of a server resulted in Nessus vulnerability scan with one click?

I have 500 servers (AWS EC2 instances). The Nessus agent is installed on all the servers, so I want a shortcut to fix all the servers' critical issues that resulted from the Nessus scan with one click. How to achieve that? Any feasibility is available from AWS or…
sudhir tataraju
0 votes, 1 answer

Python 3.7 package for Nessus 8.4 with documentation

Trying to create a small Python penetration testing toolkit and would like to implement Nessus scanner. I don't seem to be able to find a package for the newest Nessus 8.4 (I did find a package for Nessus 6, although not with Python 3.7 support)…
misomrk1
0 votes, 1 answer

Chef Nessus Agent Install

I am trying to write a cookbook to download and install Nessus Agent found here: https://www.tenable.com/downloads/nessus-agents But am having trouble due to an explicit download url not being provided, and the requirement of accepting the license…
okstef