We are pleased to announce an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). The new build 20120808 offers a number of new security checks for several different well known web applicatoins, improvements and also a number bug fixes.
- Acunetix WVS will alert the user if a web application firewall or IDS are detected
New Security Checks:
- Added a security check for FCKeditor cross site scripting vulnerability
- Added a test for Liferay json Auth Bypass
- Acunetix WVS now checks for Server Side Request Forgery
- Added several security checks for IBM Tivoli Access Manager Web Server vulnerabilities
- New security check for vulnerabilities in SharePoint Could Allow Elevation of Privilege (MS12-050)
- Acunetix WVS now cheks for several DotNetNuke vulnerabilities (popular ASP.NET CMS)
- Added a new security check for exposed Apache Solr Service
- Remote code execution tests for Umbraco asp.net CMS software
- Check for SWFUpload applet vulnerability in a large number of web applications
- Added security checks for user controllable scripts and charsets
- HTTP Verb Tampering security script now bruteforces common or sensitive files and directories
- Cross-site scripting (XSS) security checks were improved
- Fixed: Login Sequence Recorder; ssl_write result was not handled correctly resulting in data not rendering correctly
- Fixed: Display problem; alert/child count was not displayed correctly in some cases
- Fixed: Developer report was not showing long urls in coverage report
- Fixed: Saved credentials were not persistent in general settings
- Fixed: Product was not activating when using proxy credentials for activation
How to Upgrade to Build 20120808
On starting Acunetix WVS 8, a pop-up window will automatically notify you that a more recent build is available for download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.
View the complete Acunetix WVS change log here.