
From the licenses/README.txt of the Nessus plugins distribution:

----------------------------------------------------------------------
Nessus plugins are released under the following licenses :

- Every plugin copyrighted "Tenable Network Security" is released under
the terms of the Tenable License (Tenable_License.txt)

- The plugin os_fingerprint.nasl is released under a BSD-like license
(see os_fingerprint_license.txt)

- Every other plugin is released under the version 2 of the GNU General
Public License (GPLv2.txt)
----------------------------------------------------------------------

These NOTE does not mention, however, that the "Nessus Script License" which
some plugins held (and still hold) is, and has always been, equivalent to the
GPL v2 license (the license with which the plugins file was initially
released).

Take in account that some Nessus releases (previous to the creation of the
non-free Feed, in 2.2.1) there were plugins which were "(C) Tenable" but were
included in a distribution package that *only* included the GPL license. Some
of these plugins have since been removed from the GPL feed so we consider them
non-free although the retroactive relicensing of a distributed software is
somewhat dubious.

In later releases (indeed, up to 2.10) some plugins which were originally GPLd
and written by people not associated by Tenable were rewritten from scratch by
Tenable and were licensed only under the "Tenable License". Also, some other
(GPL) plugins were modified to make them depend (through the use of 'includes')
on non-free (i.e. Tenable-licensed) include files (for example the
'snmp_default_communities.nasl' plugin, which is a basic network vulnerability
test)

The following files need to be removed from the plugins:

- Files that fit the following regular expressions:

  grep -i  "script_copyright.*Tenable.*" *

  NOTE: See mail from Jan-Oliver Wagner to the OpenVAS mailing list dated
  may 2007 "Serious license issues regarding plugins"
  and the july 2007 thread "Some last Plugins license issues (urgent)"

  egrep -i "#.*(C).*Tenable Network Security" * 

    NOTE: Except if the plugin said it was *based* on something (C) Tenable"
    (some plugins include that line but another (C) line before it 
     of somebody else)

- All the files which include non-free plugins (.inc files) have also been
  removed. 

  NOTE: Once the non-free .inc files have been removed the audit script should
  detect those too

- In some cases an older version of the plugin might be found in previous
  Nessus releases. These plugins might:
    - hold a different copyright ownership (not Tenables)
    - not depend on include files

  When appropiate, restore the old plugin version instead of just removing
  the non-free one available.
 
