Note — This post applies to an older version of Acunetix
An updated build of Acunetix Web Vulnerability Scanner Version 7 was released. This new build features a number of new security checks, automatic crawling and scanning of SVN repositories, improved Cross-site scripting checks and a number of bug fixes.
New feature:
- Acunetix WVS will parse SVN repositories file structure and crawl it automatically
New security checks:
- ClientAccessPolicy.xml and CrossDomain.xml security checks
- Git repository security checks
- Check if htaccess file is readable
- Nginx PHP Code Execution via FastCGI
- Nginx buffer underflow vulnerability
- Nginx PHP FastCGI Code Execution File Upload.
Improvements:
- Improved Cross-site scripting checks.
Bug fixes:
- Maximum directory depth value was not working properly
- HTTP limitations were not respected from scripts
- When scanning a domain with subdomains, in some cases multiple scans were created for the same subdomain.
- Properly handling of situations when a file redirects to itself from http to https.
How to upgrade to build 20110308:
On starting up Acunetix WVS, a pop up window will automatically notify you that a more recent build is available for download. To download the latest build, navigate to General > Program Updates node in the Tools explorer, and click on Download and Install new build.
Click here for the complete Acunetix WVS change log.
Get the latest content on web security
in your inbox each week.
THE AUTHOR
Acunetix
