Acunetix Standard & Premium

New features

• Deepscan has been updated to make use of Chromium (Windows only – already included in Linux)
• Login Sequence Recorder has been updated to make use of Chromium (Windows only – already included in Linux)
• Acunetix can now test APIs document using Swagger (Windows only – already included in Linux)
• Introduced support for NTLM HTTP Authentication on Linux release (already included on Windows)
• Introduced support for Kerberos HTTP Authentication (Windows only)

New vulnerability checks

• A huge update increasing the detection of Stored XSS
• New test for possible file creation using the HTTP PUT method
• New test for Apache Tomcat Remote Code Execution Vulnerability (CVE-2017-12615)
• New test for Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018–12596)
• New test for httpoxy vulnerability
• New test checks if CouchDB REST API is publicly accessible
• New test checks if CouchDB is vulnerable to Remote Privilege Escalation resulting in Remote Code Execution (CVE-2017-12635)
• New test for Apache ActiveMQ default credentials
• New test for Node.js Path validation vulnerability (CVE-2017-14849)
• New test for GoAhead web server RCE via unsafe environment initialization of forked CGI scripts (CVE-2017-17562)
• New test for publicly accessible Hadoop YARN ResourceManager WebUI
• New test for jQuery-File-Upload <= v9.22.0 unauthenticated arbitrary file upload vulnerability
• New test looks for Google Firebase Databases URLs in the response and checks if the Firebase Databases are accessible without authentication
• New test for Oracle WebLogic Remote Code Execution vulnerability via T3 (CVE-2018-3245)
• New test for Oracle WebLogic Authentication Bypass vulnerability (CVE-2018-2894)
• New test checks if Jupyter Notebook is publicly accessible
• New test for Apache Log4j socket receiver deserialization vulnerability
• New test for NGINX range filter integer overflow (CVE-2017-7529)
• New test for Xdebug remote code execution via xdebug.remote_connect_back
• Numerous new checks for WordPress Core, WordPress plugins, Joomla Core and Drupal Core.

Updates

• Numerous memory management improvements
• Multiple updates to LSR and session detection improving scanning of restricted areas
• Improved speed of SQL Injection vulnerability checks
• The new LSR / Deepscan will improve support of JavaScript rich sites
• Added mock geo-location support to support scanning sites that require geo-location
• Improved analysis of XML and JSON

Fixes

• Fixed scanner crash when scan was resumed from paused state
• Fixed some issues in the handling of cookies
• Custom cookies were not always used
• Content-Type header was not always being sent. This affected the detection of some vulnerabilities
• Fixed a false positive in SSL weak key length vulnerability check
• Fixed issue in the Social Security Number and Credit Card number check
• Fixed issue with AcuSensor download on Linux release
• Fixed issue causing scans to be aborted when server returns an invalid charset
• Fixed a number of other issues causing the scanner to close unexpectedly
• Sensitive and Backup files were not being checked for in the site root
• Fixed issue with jquery version extractor
• Fixed 2 internally reported security issues
• Fixed issue with re-installation of Linux installations

New Vulnerability Checks

• New check for Content Security Policy (CSP) not implemented
• New check for Subresource Integrity (SRI not implemented
• New check for Node.js web application source code disclosure
• New check for Ghostscript RCE via file upload
• New check for Paperclip Server-Side Request Forgery (SSRF) via file upload (CVE-2017–0889)
• New check for WPEngine _wpeprivate/config.json information disclosure
• New check for Cross site scripting in HTTP-01 ACME challenge implementation
• New check for npm log file disclosure
• New check for PHP-CS-Fixer cache file disclosure
• Multiple new WordPress and Joomla vulnerability checks

Updates

• License keys can now be updated via the Acunetix web UI
• Additional memory improvements
• Improved exclusion of parameters
• Multiple updates to existing vulnerability checks
• Improved CORS origin validation failure checks
• Improved Pickle Serialization check

Fixes

• Manual Intervention was not working after a paused scan is resumed
• Scans for some sites using Digest HTTP Authentication were stopping unexpectedly
• Additional fixes for issues causing scans exiting unexpectedly
• Fixed issue causing many product update requests when proxy authentication is incorrectly configured
• Fixed: Some backup files / folders were not being identified
• Some vulnerabilities were incorrectly reported in the site root
• Fixed issue in similar page detection causing scans to take longer than expected
• Fixed issue causing valid sessions not to be identified correctly during the scan

New Vulnerability checks

• Detection of Liferay TunnelServlet Deserialization Remote Code Execution
• Detection of Liferay XMLRPC Blind SSRF
• Detection of older versions of Liferay
• Detection of publicly writable Amazon S3 Buckets
• Detection of Apache Shiro Deserialization RCE
• Detection of RichFaces EL Injection RCE
• Detection of Spring JSONP enabled by default in MappingJackson2JsonView (CVE-2018-11040)
• Detection of Spring Webflow SPEL RCE (CVE-2017-4971)
• Detection of Telerik Web UI Cryptographic Weakness
• Detection of Rails Sprockets Path Traversal Vulnerability (CVE-2018-3760)
• Detection of Tomcat path traversal via reverse proxy mapping
• New Vulnerability checks for WordPress and Drupal

Updates

• Reduced the number of requests required for Web Application Detection
• Improved the JSON and the Generic document parser
• Improved handling of non-responsive sites

Fixes

• Fixed a few infrequent crashes
• Fixed Malware link checking vulnerability test
• Fixed issue causing scan to be aborted on redirect to different FQDN for login
• Fixed issue causing Scan Comparison reports to fail
• Fixed issue causing the scanner not to crawl certain HTTPs sites correctly when using proxy

New Features

• HTTP response is now shown for vulnerabilities detected (only affects new scans)
• Manual Intervention has been implemented in v12

New Vulnerability checks

• Added detection of Java Object Deserialization vulnerabilities
• Added detection for Cisco ASA Path Traversal (CVE-2018-0296)
• Added tests for misconfigured nginx aliases that can lead to a path traversal
• Added detection of Spring Security Authentication Bypass Vulnerability (CVE-2016-5007)
• Added detection of weak/insecure permissions for Atlassian Jira REST interface
• Added detection of Apache Tomcat Information Disclosure (CVE-2017-12616)
• Added detection of Spring Data REST Remote Code Execution (CVE-2017-8046)
• Added detection of Insecure Odoo Web Database Manager
• Added detection of JBoss Remote Code Execution (CVE-2015-7501 and CVE-2017-7504)
• Added detection of WebSphere Remote Code Execution (CVE-2015-7450)
• Updated WordPress Plugin vulnerability detection

Updates

• Password is no longer required when configuring client certificate for a Target
• Additional memory optimizations
• Scanner will now report when the LSR cannot login
• Application Error Message vulnerability check updated to provide more details on the error
• Reports, XML exports and WAF exports now use a more meaningful filename
• Reports now show the status of a scan
• Scan debug logs now include imported files
• Increase maximum number of issues trackers that can be configured

Fixes

• multiple crashes while scanning
• Scanner will now re-authenticate when website invalidates authentication during scan (applies to HTTP authentication only)
• Scanner sometimes fails to decode LSR output, leading to an unauthenticated scan
• Fixed many issues causing vulnerabilities not to be detected or to be detected incorrectly
• Two fixes affecting the setting of Cookies
• Fixed issue in RSS parsing
• Fields with certain characters in the name (such as $) were not being tested
• Some out of scope paths were still being crawled
• Fix in the Autologin
• Upon upgrade, user is asked to “Logout from Other Session”
• Target and Vulnerabilities reports were failing
• Recurrent scans for Standard licenses were being disabled
• some reports were generated without file extension