New security checks in Acunetix Web Vulnerability Scanner v8 build 20130308

This new release of Acunetix Web Vulnerability Scanner version 8 – build 20130308– includes a number of new security tests, most of which are product-specific, as well as various improvements in Cross-Site Scripting (XSS) checks and various bug fixes in the scan scheduler.

New Functionality

  • Added a test for Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities
  • Added various tests for Apache Tomcat
  • Added a test for CKEditor 4.0.1 Cross-Site Scripting vulnerability
  • Added a test for Moveable Type 4.x Unauthenticated Remote Command Execution
  • Implemented detection of Virtual Hosts on the target server
  • Implemented jQuery 1.9 support
  • Added a test for subversion 1.7 (.svn) repositories
  • Added a test for Parallels Plesk SQL Injection Vulnerability (CVE-2012-1557).
  • Implemented some tests looking for various Unicode transformation issues such as Best-Fit Mappings, Overlong byte sequences and Ill-Formed Sub-sequences
  • Added header input schemes for folders
  • Added identification of file names in input scheme parameter values. Any file names detected are subsequently crawled

Improvements

  • Various improvements to XSS tests
  • Improved Possible_Sensitive_Directories script
  • Improved jQuery attr() support
  • Improved Virtual Host Directory Listing test
  • The report of 404 – Page Not Found now instructs users to checks the Referrers tab for a list of pages linking to the broken link

Bug Fixes

  • Fixed a crash that occurs infrequently when configuring a scheduled scan
  • Fixed various minor issues in the scan scheduler

How to Upgrade

When you start Acunetix WVS 8, you will be notified that a new build is available to download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.

You can see the complete Acunetix WVS change log here. If you have any technical questions, feel free to email the Acunetix Team on support@acunetix.com. If you have any sales related questions or are interested in becoming an Acunetix Reseller, email the Sales Team - sales@acunetix.com.

Make sure you keep up to date with the latest website security and Acunetix news by reading the Acunetix Blog, taking part on the Acunetix Facebook Page, and following us on Twitter.

ShareShare on FacebookTweet about this on TwitterShare on Google+

Leave a Reply


*

  1. Steve Wysocki

    Hello, I am receiving the following error when trying to download the new build:

    03.13 10:34.31, [Error] Unable to download [http://www.acunetix.com/download/fullver8/2013_03_08_01_webvulnscan8.exe]. Try again later.

    Is there something that I need to do on my end, or is that file available for manual download?

    Thanks

    March 13, 2013 at 5:36 pm Reply
  2. Hi Steve,

    Can you let me know which build you are currently running?

    Thank you
    Nick

    March 14, 2013 at 12:01 pm Reply
  3. Probably you are using an older build. You would need to un-install your current installation, download and install the latest build from [https://www.acunetix.com/download/fullver8/]. Your settings, scanning profiles and reporting data will be retained.

    March 14, 2013 at 1:07 pm Reply