Loading...
Wednesday, June 13, 2012
Home » Penetration Testing » Pentest » Sql Injection Scanner » VA » Vulnerability Scanner » Acunetix Web Vulnerability Scanner 8 - Build 20120613

Acunetix Web Vulnerability Scanner 8 - Build 20120613


Acunetix announce an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). The new build 20120613 offers a number of new security checks, new scanner funtionalities, improvements and bug fixes.

New Security Checks
  • New security checks for Microsoft SharePoint.
  • Debug Parameters test offers you the ability to check your web applications if common debug parameters, such as “?debug=1” disclose sensitive information.
  • New Cross-Site Scripting checks for Ruby on Rails / Homakov variants.
  • Security check for JetBrains .idea project directory.
  • ToolsPack backdoor verification.
  • Security check for Fantastico_Filelist information disclosure.
  • Tests for authentication bypass vulnerabilities in MySQL, MariaDB (CVE-2012-2122).
  • Check for Nginx restrictions bypass (CVE-2011-4963).
  • New checks when phpinfo() page is discovered: all html in such page is parsed and various alerts are issued reporting PHP configuration problems (display_errors on, register_globals etc).
New Features
  • Ability to export report in the Report Viewer.
  • Alerts you when HTML forms do not have CSRF protection.
Improvements
  • Rewrote the ASP_NET_Oracle_Padding security script.
  • Improved SVN/GIT repository security scripts.
  • Improved presentation for all the alerts generated by crawler by showing more attack details.
Bug Fixes
  • Login sequence recorder is now using the configured user-agent.
  • Cookies path parameters are better supported.
  • The scheduler authentication checkbox is restored properly if you press “Cancel”.
  • Fixed theTrace/Track HTTP method test security script issue.
  • The input forms which are part of the login sequence are no longer filled with HTML forms pre-configured data.
  • Fixed the namespaces issue on the Web Services scanner.
  • Corrected the requests which are generated by the scan results imported from the Firefox extension.
  • Blind SQL injection now reports the correct value in the alert details.
  • Fixed the Jquery problem: CSA select html element and options are now correctly handled.

How to Upgrade to Build 20120613

On starting Acunetix WVS 8, a pop-up window will automatically notify you that a more recent build is available for download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.
View the complete Acunetix WVS change log here.
Posted by at 8:31 PM
Information Security , , , ,
Share:

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
TOP