Acunetix WVS v6.5 build 20100203 released
Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable vulnerabilities. Automated scans may be supplemented and cross-checked with a variety of manual tools to allow for comprehensive web site and web application penetration testing.
New security checks:
- 8.3 DOS filename source code disclosure
- Apache Tomcat Directory Host Appbase authentication bypass vulnerability
- Apache Tomcat WAR File directory traversal vulnerability
- Apache stronghold-info enabled
- Apache stronghold-status enabled
- ColdFusion 9 Solr Service exposed
- Error page path disclosure
- Error page web server version disclosure
- File inclusion RFI list
- Checks for multiple vulnerabilities in XAMPP
- Server-Side Includes (SSI) injection on Unix
- Server-Side Includes (SSI) injection on Windows
- ASP.NET error messages when requesting a URL like |.aspx
Improvements:
- Added more variants to FCKeditor arbitrary file upload
- Updated cross site scripting in path security checks
- Updated directory listing security checks
- Updated directory traversal on Unix security checks
- Updated file upload security checks
- Updated LDAP injection security checks
- Updated possible sensitive files security checks
- Updated XPath injection security checks
Bug Fixes:
- Workaround for window.open used with NULL parameter
- Notify elements that they are unbidden
- Notify form if an input was removed
- Include select element values in submitted data
- Fixed: HttpProt was sending content length with CONNECT
- Fixed: Crawler didn’t consider post data for links from CSA engine; some were ignored
- Fixed: Login sequence recorder was sending requests synchronously
How to upgrade: On starting up Acunetix WVS, a pop-up window will automatically notify you that a more recent build is available for download. To download the latest build, navigate to the General > Program Updates node in the Tools explorer, and click on Download and Install new build.