* Javier Fernández-Sanguino Peña: >> Upstream claims that large parts of nessus-plugins has never been >> licensed under the GPL. The copyright status of many NASL scripts is >> indeed very unclear. > > This claim only applies to post-2.2.2a releases, as you can see from the > COPYING license of all the ftp sources in nessus.org (pre-2.2.2a). Upstream > (that is, Renaud Deraison) has not changed those. So they still apply.
Tenable claims that the GPL has never applied to their plugins, only to the plugins that were explicitly released under the GPL. > Moreover, the copyright status of the NASL scripts is not unclear > (copyright holders are stated for all of the scripts). The license status, > however, has changed for some of the NASL scripts in 2.2.2a (and 2.3). > For previous releases the "Nessus Script License" = GPL. Debian currently > distributes 2.2.2 BTW. >From what information do you infer this? The plugins I'm most interested in are: # # (C) Tenable Network Security # # v1.2: use the same requests as MS checktool # v1.16: use one of eEye's request when a null session can't be established # (msrpc_dcom2.nasl) # # This script is (C) Tenable Network Security # 10/22/2003 updated by KK Liu 10/22/2003 # - check messenger service, if not on - exit # - check Windows OS # (messenger_ms03-043.nasl) # # (C) Renaud Deraison # (http_asn1_decoding.nasl) I doubt we can say for sure that these plugins were covered by the GPL, even though they are distributed in a tarball which happens to contain a COPYING file.
