Package: nessusd Version: 2.2.5-3 Severity: important When I try to connect to a 2.2.5-3 server from a 2.2.5-2 or 2.2.5-3 client, the client says after hitting the "Login" button "SSL Error" and says on stdout "[8157] SSL_connect: error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac". Downgrading the server to 2.2.5-2 makes the problem go away, upgrading to 2.2.5-3 makes it happen again.
A recompiled 2.2.5-3 on current sid exhibit the same behavior. I suspect some library issue. What i find strange: ldd of the working (2.2.5-2) daemon shows that it's linked to both libssl.so.0.9.8 and libssl.so.0.9.7, while the non-working (2.2.5-3) daemon is only linked against libssl.so.0.9.7. I can reproduce the issue in a test chroot, so if you cannot see the issue on your system, I can give you ssh access to a system that shows the issue. This is kind of important as there does not seem to be a possibility to legally use nessus built from Debian with a registered plugin feed at the moment. Greetings Marc -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14.3-scyw00225 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages nessusd depends on: ii libc6 2.3.5-8.1 GNU C Library: Shared libraries an ii libnasl2 2.2.5-2+zg1 Nessus Attack Scripting Language, ii libnessus2 2.2.5-1+zg1 Nessus shared libraries ii libssl0.9.8 0.9.8a-5 SSL shared libraries ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra ii nessus-plugins 2.2.5-6 Nessus plugins ii openssl 0.9.8a-5 Secure Socket Layer (SSL) binary a nessusd recommends no packages. -- debconf information: * nessusd/organization: Nessus Users United * nessusd/califetime: 1460 * nessusd/province: * nessusd/srvlifetime: 365 * nessusd/country: * nessusd/certificate: * nessusd/location: -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
