Acunetix Premium - v8.0.20121213

New Features

  • New report template for ISO 27001

New Security Checks

  • During a scan Acunetix WVS checks if the MongoDB web interface is open on the external interface
  • Check for included scripts which are from an invalid hostname
  • Added a new module for testing Slow HTTP Denial of Service attacks like Slowloris
  • Added a new security check that tries to guess various internal virtual hosts (information disclosure)
  • Checks for phpLiteAdmin default passwords

Improvements

  • Improved the SQL Injection detection for SQLite3
  • Further improved the Cross-Site Scripting security check
  • Added detailed descriptions to all the Acunetix WVS security scripts
  • Removed all broken web references in vulnerability reports and added several new ones
  • Improved the Joomla! security scripts for more enhanced security scanning of Joomla! portals

Bug Fixes

  • Fixed a text wrapping issue in the compliance reports
  • Fixed an issue where the CSA engine was being executed multiple times against the same file during a scan
  • User-Agent header is now included with the in-session check request
  • Login Sequence Recorder now uses the timeout value specified from settings
  • Fixed several crashes when the Login Sequence Recorder was used against some specific websites