Acunetix Standard & Premium

Updates

• Improved scanning of .NET web applications
• Improved processing of CSS files
• 40% speed improvement when parsing pages
• Various updates to WSDL processing

Fixes

• Some invalid URLs were being incorrectly reported as external hosts
• Fixed issue causing communication problem between scanner and backend
• Allowed hosts were not always being scanned
• Integrated LSR was not always working on Internet Explorer 11
• Fixed LSR display problem when browser window is zoomed or resized
• Fixed issue when importing Burp State file

Updates

• HTTP response size limit has been increased to 20Mb
• Swagger parser now supports yml files

Fixes

• Fixed a scanner crash
• Fixed: Login Sequence Recorder was not using the User-Agent configured for the Target
• Fixed issue causing false positives in ‘User controllable charset’ and ‘User controllable script source’
• Fixed issue with BURP state file importer
• Fixed: Users could not update an expired POC license

New features

• Deepscan has been updated to make use of Chromium (Windows only – already included in Linux)
• Login Sequence Recorder has been updated to make use of Chromium (Windows only – already included in Linux)
• Acunetix can now test APIs document using Swagger (Windows only – already included in Linux)
• Introduced support for NTLM HTTP Authentication on Linux release (already included on Windows)
• Introduced support for Kerberos HTTP Authentication (Windows only)

New vulnerability checks

• A huge update increasing the detection of Stored XSS
• New test for possible file creation using the HTTP PUT method
• New test for Apache Tomcat Remote Code Execution Vulnerability (CVE-2017-12615)
• New test for Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018–12596)
• New test for httpoxy vulnerability
• New test checks if CouchDB REST API is publicly accessible
• New test checks if CouchDB is vulnerable to Remote Privilege Escalation resulting in Remote Code Execution (CVE-2017-12635)
• New test for Apache ActiveMQ default credentials
• New test for Node.js Path validation vulnerability (CVE-2017-14849)
• New test for GoAhead web server RCE via unsafe environment initialization of forked CGI scripts (CVE-2017-17562)
• New test for publicly accessible Hadoop YARN ResourceManager WebUI
• New test for jQuery-File-Upload <= v9.22.0 unauthenticated arbitrary file upload vulnerability
• New test looks for Google Firebase Databases URLs in the response and checks if the Firebase Databases are accessible without authentication
• New test for Oracle WebLogic Remote Code Execution vulnerability via T3 (CVE-2018-3245)
• New test for Oracle WebLogic Authentication Bypass vulnerability (CVE-2018-2894)
• New test checks if Jupyter Notebook is publicly accessible
• New test for Apache Log4j socket receiver deserialization vulnerability
• New test for NGINX range filter integer overflow (CVE-2017-7529)
• New test for Xdebug remote code execution via xdebug.remote_connect_back
• Numerous new checks for WordPress Core, WordPress plugins, Joomla Core and Drupal Core.

Updates

• Numerous memory management improvements
• Multiple updates to LSR and session detection improving scanning of restricted areas
• Improved speed of SQL Injection vulnerability checks
• The new LSR / Deepscan will improve support of JavaScript rich sites
• Added mock geo-location support to support scanning sites that require geo-location
• Improved analysis of XML and JSON

Fixes

• Fixed scanner crash when scan was resumed from paused state
• Fixed some issues in the handling of cookies
• Custom cookies were not always used
• Content-Type header was not always being sent. This affected the detection of some vulnerabilities
• Fixed a false positive in SSL weak key length vulnerability check
• Fixed issue in the Social Security Number and Credit Card number check
• Fixed issue with AcuSensor download on Linux release
• Fixed issue causing scans to be aborted when server returns an invalid charset
• Fixed a number of other issues causing the scanner to close unexpectedly
• Sensitive and Backup files were not being checked for in the site root
• Fixed issue with jquery version extractor
• Fixed 2 internally reported security issues
• Fixed issue with re-installation of Linux installations

New Vulnerability Checks

• New check for Content Security Policy (CSP) not implemented
• New check for Subresource Integrity (SRI not implemented
• New check for Node.js web application source code disclosure
• New check for Ghostscript RCE via file upload
• New check for Paperclip Server-Side Request Forgery (SSRF) via file upload (CVE-2017–0889)
• New check for WPEngine _wpeprivate/config.json information disclosure
• New check for Cross site scripting in HTTP-01 ACME challenge implementation
• New check for npm log file disclosure
• New check for PHP-CS-Fixer cache file disclosure
• Multiple new WordPress and Joomla vulnerability checks

Updates

• License keys can now be updated via the Acunetix web UI
• Additional memory improvements
• Improved exclusion of parameters
• Multiple updates to existing vulnerability checks
• Improved CORS origin validation failure checks
• Improved Pickle Serialization check

Fixes

• Manual Intervention was not working after a paused scan is resumed
• Scans for some sites using Digest HTTP Authentication were stopping unexpectedly
• Additional fixes for issues causing scans exiting unexpectedly
• Fixed issue causing many product update requests when proxy authentication is incorrectly configured
• Fixed: Some backup files / folders were not being identified
• Some vulnerabilities were incorrectly reported in the site root
• Fixed issue in similar page detection causing scans to take longer than expected
• Fixed issue causing valid sessions not to be identified correctly during the scan

New Vulnerability checks

• Detection of Liferay TunnelServlet Deserialization Remote Code Execution
• Detection of Liferay XMLRPC Blind SSRF
• Detection of older versions of Liferay
• Detection of publicly writable Amazon S3 Buckets
• Detection of Apache Shiro Deserialization RCE
• Detection of RichFaces EL Injection RCE
• Detection of Spring JSONP enabled by default in MappingJackson2JsonView (CVE-2018-11040)
• Detection of Spring Webflow SPEL RCE (CVE-2017-4971)
• Detection of Telerik Web UI Cryptographic Weakness
• Detection of Rails Sprockets Path Traversal Vulnerability (CVE-2018-3760)
• Detection of Tomcat path traversal via reverse proxy mapping
• New Vulnerability checks for WordPress and Drupal

Updates

• Reduced the number of requests required for Web Application Detection
• Improved the JSON and the Generic document parser
• Improved handling of non-responsive sites

Fixes

• Fixed a few infrequent crashes
• Fixed Malware link checking vulnerability test
• Fixed issue causing scan to be aborted on redirect to different FQDN for login
• Fixed issue causing Scan Comparison reports to fail
• Fixed issue causing the scanner not to crawl certain HTTPs sites correctly when using proxy