Acunetix WVS Build History

Build v6.5.20100203 - 3rd February 2010

New security checks:

  • 8.3 DOS filename source code disclosure
  • Apache Tomcat Directory Host Appbase authentication bypass vulnerability
  • Apache Tomcat WAR File directory traversal vulnerability
  • Apache stronghold-info enabled
  • Apache stronghold-status enabled
  • ColdFusion 9 Solr Service exposed
  • Error page path disclosure
  • Error page web server version disclosure
  • File inclusion RFI list
  • Checks for multiple vulnerabilities in XAMPP
  • Server-Side Includes (SSI) injection on Unix
  • Server-Side Includes (SSI) injection on Windows
  • ASP.NET error messages when requesting URL like |.aspx

Improvements:

  • Added more variants to FCKeditor arbitrary file upload
  • Updated cross site scripting in path security checks
  • Updated directory listing security checks
  • Updated directory traversal on Unix security checks
  • Updated file upload security checks
  • Updated LDAP injection security checks
  • Updated possible sensitive files security checks
  • Updated XPath injection security checks

Bug Fixes:

  • Workaround for window.open used with NULL parameter
  • Notify elements that they are unbidden
  • Notify form if an input was removed
  • Include select element values in submitted data
  • Fixed: HttpProt was sending content length with CONNECT
  • Fixed: Crawler didn't consider post data for links from CSA engine; some were ignored
  • Fixed: Login sequence recorder was sending requests synchronously

Build v6.5.20100111 - 11th January 2010

New security checks:

  • Test for File Upload IIS bug filename.asp;.jpg
  • Test for WP-Forum 2.3 vulnerabilities
  • JBoss rmi ping (network script)

Bug Fixes:

  • Bugfix: Modified forms notifications from CSA
  • Bugfix: CSA: Workaround for window.open with null parameters
  • Fixed: In some specific scenarios the scheduler queue was restarting on its own
  • Fixed: Node was not expanding automatically when manually adding a new logout link in the LSR

Build v6.5.20091215 - 15th December 2009

New security checks:

  • JBoss BSHDeployer MBean
  • JBoss checks from RedTeam’s paper
  • JBoss HttpAdaptor JMXInvokerServlet
  • JBoss Server MBean
  • JBoss ServerInfo MBean
  • JBoss Web Console JMX Invoker
  • phpShop v0.8.1 Multiple Vulnerabilities
  • Invision Power Board <= v3.0.4 Local PHP File Inclusion and SQL Injection

Improvements:

  • Improved Blind SQL injection tests to reduce false positives
  • Added better JBoss server detection
  • Better detection for PostgreSQL injections

Bug Fixes:

  • Fixed: GUI crashes when specific settings are changed in the Port Scanner node
  • Fixed: Login Sequence recorder was retaining post data when redirecting to the same page

Build v6.5.20091130 - 30th November 2009

Bug Fixes:

  • Fixed: crash in TM_MultiRequest_Parameter_Manipulation module
  • Fixed: bug in crawler related with GetVar encoding

Build v6.5.20091124 - 24th November 2009

New:

  • New security checks of AcuSensor Technology
    • curl_exec() url is controlled by user
    • PHP preg_replace used on user input
    • PHP super-globals-overwrite
    • PHP unserialize used on user input
  • Other new security checks of Acunetix WVS
    • osCommerce authentication bypass
    • Apache Tomcat insecure default administrative password
    • Apache Tomcat directory traversal
    • Checks for PHP invalid data type error messages
    • Check for possible remote SWF inclusion
    • Added further checks for possible sensitive files; general tests per server
    • Added further checks for possible sensitive directories; general tests per server
    • Added a new security check for SQL injection in the authentication header (basic authentication, base64 encoded)
    • Added AlertIfTextNotFound group parameter to invert search and issue an alert if a specified text is not found

Improvements:

  • Renamed Weak password module to Authentication module, since it now includes many more authentication security checks
  • Improved Cross-site scripting in URI checks to include Ruby on Rails security checks
  • Improved Application errors security checks
  • Introduced 3 new setting parameters for the crawler in Settings.XML file:
    • <MaxFirstPossibleValue>262144</MaxFirstPossibleValue>
    • <MaxOtherPossibleValues>256</MaxOtherPossibleValues>
    • <MaxNumberOfPossibleValues>1000</MaxNumberOfPossibleValues>

Bug Fixes:

  • Fixed: false positives issued in weak password alert
  • Fixed: WSDL importer crash when importing recursive complex elements
  • Fixed: Crawler proxy request handling changed to decode the input name/value
  • Fixed Vulnerability Editor to show group parameters with default values if no VulnXML template is used
  • Changed HTTP_Anomalies to log PHP errors and save the results in a file (instead of alerts)
  • Hidden VulnXML properties for alerts that are not using vulnxml default template in Vulnerability Editor
  • Adjusted VulnXML to reduce the number of false positives for Blind SQL injection timing tests
  • Updated CSA engine; delete the BOM characters from script sources
  • Updated URL_Helper; UrlEncode/Decode modified not to use str := str + ch and to validate hex characters after %
  • Updated File_Inputs; possible values are limited in size now

Build v6.5.20091027 - 27th October 2009

Bug Fixes:

  • Fixed: Redirect on LoginSequenceStep was not followed correctly
  • Fix in URL Rewrite module to remove GetVars before matching rules

Build v6.5.20091012 - 12th October 2009

Bug Fixes:

  • Fixed: Memory leak when invoking state change handler
  • Fixed: Item index for an item which has just been inserted fails in the Browserframe
  • Fixed: Error in indexing the get variables when redirecting in Session management

Build v6.5.20091005 - 5th October 2009

New:

  • Added a new check for SVN repositories

Improvements:

  • Improved MultiRequest parameter manipulation; now using the form matcher to match parameter values
  • Improved SQL injection tests
  • Improved Application error tests

Bug Fixes:

  • Fixed: Links from HTML comments and other untrusted sources were not checked to confirm they are from the same host as the base
  • Fixed: Login sequence not working properly with HTTP authentication
  • Fixed: MessageDlg was used in inittempfiles in console mode
  • Fixed: WinInet bug to resend the request if the server accepts client certificates
  • Fixed: Redirect from index.php to index.php was not working

Build v6.5.20090917 - 17th September 2009

New:

  • Added two new blind SQL injection tests
  • Added a new scanning profile for stored XSS only
  • Added HTTP verb tampering using POST method check

Improvements:

  • Improved appearance of the compliance report by adding visual markers and several other presentation enhancements

Bug Fixes:

  • Fixed temporary files access issue
  • Fixed issue where HTTP Proxy was duplicating the connection: keep-alive header
  • Fixed issue where HTTP Proxy was putting the authorization header from fake basic authentication into server request
  • Fixed a problem where credentials configured through command line were not working properly in particular situations


Build v6.5.20090813 - 13th August 2009

Improvements:

  • HTML forms settings node was renamed to Input Fields.  This node now can also be used to pre-define web services operations values.
  • New SQL Injection tests added
  • New XSS tests (unicode) added



Build v6.5.20090728 - 28th July 2009

New Features:

  • Manual Intervention module: better support for CAPTCHA and modern authentication mechanisms  

Improvements:

  • Added new variants of blind SQL injection tests (now testing both AND and OR boolean operators)
  • Added new tests for SQL Injection with charset GBK/Big5
  • Added new variants for Cross site scripting

Bug Fixes: 

  • Fixed several issues with CSA (Client Script Analyzer) engine.


Build v6.5.20090622 - 22nd June 2009

Improvements:

  • Better cookies handling in several modules
  • Implemented exception handler in Login Sequence Recorder

Bug Fixes:

  • Handled issue when non-responsive hosts triggered download dialog 



Build v6.5.20090618 - 18th June 2009

New Features:

  • Implemented Blind SQL Injection (timing) for web services scanner  
  • Implemented HTTP authentication for web services scanner

Bug Fixes:

  • Fixed problem related to File Inclusion in AcuSensor Technology
  • Fixed a problem in ssl_ping network script



Build v6.5.20090519 - 20th May 2009

New Features:

  • File upload forms vulnerability checks  
  • New Login Sequence Recorder; supports many more authentication forms and web technologies
  • Session Auto Recognition module; if the session is invalidated or logged out during crawling, the scanner will automatically replay the login sequence without the need of manual intervention  
  • Actions drop down menu; for each selected node, the actions drop down menu is activated showing all possible functions  
  • Many more checks and alerts for JSP, Java and Tomcat web server

Major Improvements:

  • Improved cookie management and session handling to support modern dynamic websites
  • Port scanner and Network Alerts results will appear in a separate node in the results tree
  • Users can import Version 6 settings to Version 6.5
  • Added blind SQL injection timing test using MySQL's sleep and MS SQL's waitfor function.  This will help in discovering particular blind SQL injections that do not report a change on the page


Build v6.1.20090211 - 11th February 2009

General improvements:

  • CSA engine now supports jQuery and Yahoo! UI JavaScript libraries
  • Added component in scanner to search for links in HTML comments and Flash (SWF) strings
  • Created an ASN.1 parser which can parse X509 Certificates
  • Improved Crawler; improved Wivet coverage to 94%
  • Added more JBoss configuration tests
  • Added more Tomcat tests
  • Added more web server configuration checks for server path, internal IP and username/password disclosure
  • Improved RSS/Atom parsers
  • Added more attack vectors to source code disclosure and directory traversal tests for both Windows and Unix

Bug Fixes:

  • Reporter now filters very long knowledge base items
  • Fixed SSL3, TLS1 parsing issues
  • Fix in Crawler to better handle query variables in start URLs

Build v6.0.20081209 - 9th December 2008

General improvements:

  • Optimized large portions of the code to improve speed
  • Optimized Progress text for scripts and port scan
  • Show progress on ScanInfo frame

Bug Fixes:

  • Module tm_backup_files - can make tests like {filename}{test}{extension} (e.g. file1.php from file.php)
  • Crawler was not sending the custom cookies for the first request
  • Reporter crash on settings read (only try/except)
  • Fixed crash in "import scan results to database" when the scan was running
  • SSL certificate validity year fix
  • Fixed a bug in parameter manipulation. Crashing when Combination was nil (no values)
  • Error in interpreting redirections of type "?getvar=value"
  • Fixed jsessionid session fixation test
  • Fixed Activation in v6 for Vista.
  • Fixed a problem with Authentication Tester (the app was not recovering when an invalid protocol was specified as target) - Reported by Harutyun Sardaryan
  • Fixed a crash in HTTP Fuzzer - Reported by Harutyun Sardaryan
  • Fix in Blind SQL Injector: On UNION SELECT based string extraction when httpencoding is applied the last char was eaten

Build v6.0.20081028 - 28th October 2008

New tools / Applications:

General improvements:

  • Pause and Resume scan functionality
  • Option to mark an alert as false positive
  • Support for NTLM v2
  • Scanner can now gather a list of uncommon HTTP responses
  • Scanner can automatically stop if a number of network errors occur or the web server does not respond.

User Interface improvements:

  • Compare results tool now compares also Knowledge Base items and list of open web server ports
  • Vulnerabilities can now be located quickly using a filter; previously only search was available
  • In Scanning profiles and Vulnerability Editor vulnerabilities are automatically sorted by name
  • In HTTP Fuzzer results can be sorted by clicking on header columns and changes in Fuzzer filters are automatically reflected in results window

Scheduler improvements:

  • All scanning options are now available in scheduler
  • Option to configure the day of the week or month for a scheduled scan
  • Option to configure scan exclusion hours, i.e. when an ongoing scan should be paused and resumed

Build v5.1.70829 - 4th September 2007

  • Huge improvement in memory handling! - Memory handling is now done in a much more efficient way and temporary data is now stored by default onto the hard drive freeing up a LOT of system memory especially when dealing with large websites.
  • Introduced pre-conditions to various vulnerability tests - this will check if vulns can actually exist in a certain environment before starting to test for them - thus avoiding checking for vulnerabilities in vain and at the same time speeding up the scanning time.
  • Summary view for alert nodes - avoids long delays in displaying all alerts under a node
  • Added "Current Test" information to the scan information view
  • Improvements in HTTP Fuzzer
  • Fixed Javascript issue with parsing certain websites
  • Fixed validation when saving login sequence file
  • Fixed crash with error "sitefile parts already loaded"
  • Fixed Web Services Scan Wizard detection of Inputs for particular WSDL URLs
  • Fixed Web Services Scanner crash when clicking on some elements of the tree structure

Build v5.0.70621 - 25th June 2007

  • Tweak in Heuristic scanning mode for improved memory management
  • Saving crawling data to disk is now enabled by default
  • Added Day and Month to timestamps in Activity Window
  • Small text changes in crawler settings
  • Elevation of privileges OS vulnerability fix

Build v5.0.70604 - 11th June 2007

New Tools / Applications:

  • Subdomain Scanner
  • Web Services Scanner
  • Web Services Editor
  • Reporter Application

General Improvements:

  • Microsoft Windows Vista Support
  • Visual Interface Improvements with new graphics and buttons
  • Source View in various parts of the product
  • Password protection for all Acunetix Tools and applications
  • Upgrading from Previous Versions/Builds keeps all Settings and Configurations

Reporting Improvements:

  • New Reporter Application
  • Detailed Scans View from the Database
  • Standard Report Templates: Developer, Executive, Vulnerability
  • Scan Comparison Templates
  • Statistical Templates: Yearly, Monthly, etc.
  • Compliance Reports Templates: PCI, Sarbanes-Oxley, HIPAA, etc.

Crawler Improvements:

  • Manual Choice of Files from the Site Structure
  • Directory Recursion (loop) Detection
  • URL Rewrite Detection and Warning to User
  • Improved Filtering (replacing the old search functionality)

Scanner Improvements:

  • New Scanning Mode Option: Quick, Heuristic and Full
  • Multi-Step Scanning
  • Stored XSS Tests
  • Header Manipulation
  • Improved Blind SQL Injection Tests
  • Improved Mod_Rewrite Support
  • Improved Filtering (replacing the old search functionality)
  • Grouping of Test Variants
  • Sitemaps Support
  • Added New Vulnerability Tests

Scheduler Improvements:

  • Support for Web Services Scheduled Scans
  • New options for Source and Output of Scans
  • Mail Notifications

Command Line Improvements:

  • New options added to support more functions like the full application
  • Web Services Scans
  • Mail Notifications

Database Improvements:

  • Significantly Reduced DB Size by 90% while keeping the same details and more!
  • New Database Structure (conversion tool available to upgrade from v4 structure)
