Acunetix Web Vulnerability Scanner version 9, build 20130904 contains various new features including the detection of BREACH and CRIME SSL / TLS vulnerabilities, the detection of vulnerabilities in OpenX and vBulletin, and various other improvements.
- Implemented the detection for BREACH vulnerabilities.
- Implemented the detection of Compression Ratio Info-leak Made Easy (CRIME) SSL/TLS exploits.
- Added detection for OpenX 2.8.10 backdoor.
- Added detection of vBulletin versions 4.1+ and 5+ customer number leak.
- Improved DeepScan to provide better coverage.
- Improved SQL injection detection for HSQLDB databases.
- Improved XSS detection.
- Added ability to select/unselect all items in a folder when using the option “after crawling let me choose the files to scan”.
- Fixed custom 404 browser navigation bug
- Filenames encoded as UTF-8 are now properly displayed.
How to Upgrade
If you are running Acunetix WVS 8, you should follow the upgrade instructions available in the “Upgrading from a previous version of Acunetix Web Vulnerability Scanner” in the Acunetix WVS user manual.
If you are running Acunetix WVS v9, you will be notified that a new build is available to download when you start Acunetix WVS. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.