Changelogs

Acunetix Standard & Premium

v11.0.172351036 - 23 Aug 2017

Version 11 (build 11.0.172351036) – 23rd August 2017

New Features and Vulnerability Tests

  • Detection of Apache Struts 2 Showcase RCE (CVE-2017-9791)
  • Check for .hgignore (Mercurial SCM configuration file)
  • Check for Atlassian Confluence Stored XSS (CVE-2016-6283)
  • Check for private key files with names based on ScanHost, e.g. “www.example.org.key”, “example.org.key”
  • Check for moment.js Denial of Service (CVE-2016-4055)
  • Various updates to the WordPress and Joomla checks
  • Introduction of Multi-Engine functionality for Enterprise customers

Improvements

  • Updated the Database backup file checks
  • Improved jQuery version fingerprinting
  • Updated detection of HttpOnly and Secure cookie flags
  • Updated default Target list sorting

Fixes

  • Fixed XSS detection issue
  • Minor fix to the allow_url_fopen enabled check
  • Fixed F5 BIG-IP ASM WAF XML export
  • Fixed issue preventing Acunetix from installing on Chinese OS

v11.0.171721334 - 21 Jun 2017

Version 11 (build 11.0.171721334) – 21st June 2017

New Vulnerability Tests

Improvements

  • Improved detection of WordPress version
  • Various updates to the WordPress and Joomla checks
  • Updated description for Broken links alert.

Fixes

  • Fixed issue causing a crash in the scanning engine
  • Fix affecting the processing of xml files, resulting in scan performance improvement
  • Fix in the High Risk Scan Type, resulting in scan performance improvement
  • Various updates and fixes in the Acunetix web UI.

v11.0.171181742 - 27 Apr 2017

Version 11 (build 11.0.171181742) – 27th April 2017

New Vulnerability Tests

Improvements

  • Various improvements to the WordPress checks

Bug Fixes

  • Fixed issue affecting checks on REST APIs
  • Fixed issue with Export to Imperva SecureSphere WAF

v11.0.171101535 - 20 Apr 2017

Version 11 (build 11.0.171101535) – 20th April 2017

New Vulnerability Tests

Improvements

  • Improved Backup file checks
  • Various improvements to the WordPress checks
  • Added support for various JavaScript libraries in the Login Sequence Recorder and DeepScan

Bug Fixes

  • Virtual Host Audit check was not taking into consideration the Target Port and Scheme
  • Fixed DeepScan issue which caused an infinite loop during auto-authentication for some web applications
  • Fixed issue in Login Sequence Recorder causing it not to load settings from the correct location

v11.0.170941159 - 04 Apr 2017

Version 11 (build 11.0.170941159) – 4th April 2017

Improvements

  • The IP address or hostname of the Acunetix machine can be specified during the installation. This information is used to generate the SSL certificates used for the UI. This is required to avoid SSL errors
  • Update to Login Sequence Recorder and DeepScan improving compatibility with modern web applications
  • Target information is shown in “Scan Done” UI notifications
  • Various minor updates to the UI
  • Scan email notifications now include links to the scan results. Report email notifications include links to the report
  • Multiple updates to the WordPress and Joomla vulnerability checks

Bug Fixes

  • Fixed false positives caused by the PHP AcuSensor
  • Fixed 2 privilege escalation issues reported privately to Acunetix
  • Fixed false positive in WAF detection
  • Fixed UI issue caused by certain characters in the Target Description field

v11.0.170751531 - 16 Mar 2017

Version 11 (build 11.0.170751531) – 16th March 2017

Updates

  • Check for Remote Code Execution (RCE) vulnerability in Apache Struts 2 (CVE-2017-5638)

v11.0.170611402 - 03 Mar 2017

Version 11 (build 11.0.170611402) – 3rd March 2017

Updates

  • Multiple updates to the WordPress and Joomla vulnerability checks

Fixes

  • Fixed issue caused by UTF-8 characters in the login sequence filename
  • Fixed issue with Target address validation