We are pleased to announce an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). The new build 20120808 offers a number of new security checks for several different well known web applications, improvements and also a number bug fixes.

New Feature:

  • Acunetix WVS will alert the user if a web application firewall or IDS are detected

New Security Checks:

  • Added a security check for FCKeditor cross site scripting vulnerability
  • Added a test for Liferay json Auth Bypass
  • Acunetix WVS now checks for Server Side Request Forgery
  • Added several security checks for IBM Tivoli Access Manager Web Server vulnerabilities
  • New security check for vulnerabilities in SharePoint Could Allow Elevation of Privilege (MS12-050)
  • Acunetix WVS now cheks for several DotNetNuke vulnerabilities (popular ASP.NET CMS)
  • Added a new security check for exposed Apache Solr Service
  • Remote code execution tests for Umbraco asp.net CMS software
  • Check for SWFUpload applet vulnerability in a large number of web applications
  • Added security checks for user controllable scripts and charsets

Improvement:

  • HTTP Verb Tampering security script now bruteforces common or sensitive files and directories
  • Cross-site scripting (XSS) security checks were improved

Bug fixes:

  • Fixed: Incorrect handling of Internet Explorer’s Javascript substr implementation
  • Fixed: Login Sequence Recorder; ssl_write result was not handled correctly resulting in data not rendering correctly
  • Fixed: Display problem; alert/child count was not displayed correctly in some cases
  • Fixed: Developer report was not showing long urls in coverage report
  • Fixed: Saved credentials were not persistent in general settings
  • Fixed: Product was not activating when using proxy credentials for activation

How to Upgrade to Build 20120808

On starting Acunetix WVS 8, a pop-up window will automatically notify you that a more recent build is available for download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.

View the complete Acunetix WVS change log here.

Contact the Acunetix Team on support@acunetix.com for any technical queries or sales@acunetix.com for any sales information.

To keep up to date with the latest website security news, ‘Like’ the Acunetix Facebook Page, follow us on Twitter and read the Acunetix Blog.

SHARE THIS POST
THE AUTHOR
Acunetix

Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.