We’ve just released a new version of Acunetix WVS version 8 – build 20121213 – which includes several new security checks such as the new module that tests Slow HTTP Denial of Service attacks like Slowloris. We’ve also added a good number of improvements and bug fixes, making this the most stable WVS 8 version to date.
This latest build of Acunetix WVS also includes the compliance report template for ISO 27001, allowing companies to check if their web applications are ISO 27001 compliant. After scanning your website with Acunetix Web Vulnerability Scanner, you can now generate an ISO 27001 compliance report quickly and easily.
New Features:
- New report template for ISO 27001
New Security Checks:
- During a scan Acunetix WVS checks if the MongoDB web interface is open on the external interface
- Check for included scripts which are from an invalid hostname
- Added a new module for testing Slow HTTP Denial of Service attacks like Slowloris
- Added a new security check that tries to guess various internal virtual hosts (information disclosure)
- Checks for phpLiteAdmin default passwords
Improvements:
- Improved the SQL Injection detection for SQLite3
- Further improved the Cross-Site Scripting security check
- Added detailed descriptions to all the Acunetix WVS security scripts
- Removed all broken web references in vulnerability reports and added several new ones
- Improved the Joomla! security scripts for more enhanced security scanning of Joomla! portals
Bug Fixes:
- Fixed a text wrapping issue in the compliance reports
- Fixed an issue where the CSA engine was being executed multiple times against the same file during a scan
- User-Agent header is now included with the in-session check request
- Login Sequence Recorder now uses the timeout value specified from settings
- Fixed several crashes when the Login Sequence Recorder was used against some specific websites
How to Upgrade to Build 20121213
When you start Acunetix WVS 8, a pop-up window will automatically notify you that a new build is available to download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.
You can see the complete Acunetix WVS change log here.
Make sure you keep up to date with the latest website security and Acunetix news by reading the Acunetix Blog, liking the Acunetix Facebook Page, and following us on Twitter.
Get the latest content on web security
in your inbox each week.