Note — This post applies to an older version of Acunetix
We are pleased to announce an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). The new build 20120808 offers a number of new security checks for several different well known web applications, improvements and also a number bug fixes.
New Feature:
- Acunetix WVS will alert the user if a web application firewall or IDS are detected
New Security Checks:
- Added a security check for FCKeditor cross site scripting vulnerability
- Added a test for Liferay json Auth Bypass
- Acunetix WVS now checks for Server Side Request Forgery
- Added several security checks for IBM Tivoli Access Manager Web Server vulnerabilities
- New security check for vulnerabilities in SharePoint Could Allow Elevation of Privilege (MS12-050)
- Acunetix WVS now cheks for several DotNetNuke vulnerabilities (popular ASP.NET CMS)
- Added a new security check for exposed Apache Solr Service
- Remote code execution tests for Umbraco asp.net CMS software
- Check for SWFUpload applet vulnerability in a large number of web applications
- Added security checks for user controllable scripts and charsets
Improvement:
- HTTP Verb Tampering security script now bruteforces common or sensitive files and directories
- Cross-site scripting (XSS) security checks were improved
Bug fixes:
- Fixed: Incorrect handling of Internet Explorer’s Javascript substr implementation
- Fixed: Login Sequence Recorder; ssl_write result was not handled correctly resulting in data not rendering correctly
- Fixed: Display problem; alert/child count was not displayed correctly in some cases
- Fixed: Developer report was not showing long urls in coverage report
- Fixed: Saved credentials were not persistent in general settings
- Fixed: Product was not activating when using proxy credentials for activation
How to Upgrade to Build 20120808
On starting Acunetix WVS 8, a pop-up window will automatically notify you that a more recent build is available for download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.
View the complete Acunetix WVS change log here.
To keep up to date with the latest website security news, ‘Like’ the Acunetix Facebook Page, follow us on Twitter and read the Acunetix Blog.
Get the latest content on web security
in your inbox each week.