Acunetix Web Vulnerability Scanner 8 (WVS 8) - Build 20120704
Acunetix are pleased to announce an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). The new build 20120704, includes a number of new security checks, improvements and bug fixes. The highlight of this new Acunetix Web Vulnerability Scanner 8 build is that it includes cross-site scripting security checks for HTML5 web applications, and also for responses of text/xml content-type.
New Security Checks:
- Added a number of new HTML 5 Cross-site scripting security checks
- content-type text /xml responses are now being checked for XSS vulnerabilities
- Using Windows 8.3 short filenames techniques to check for information disclosure
- Checks for Microsoft IIS Tilde directory enumaration problems
- A number of new security checks for Webadmin
- Checking for MySQL, RubyonRails and phpMyAdmin SQL dump files on web applications
- File disclosure via XXE Injection tests for Zend Framework
- Information disclosure checks in environment variables
Improvements:
- Improved Directory Traversal security checks
- Less false positives reported by the HTML Forms security checks
Bug Fixes:
- Custom cookies paths are now set correctly to the start URL
- Login Sequence Recorder now executes Javascripts even if there are js errors
- New discovered input parameters variations are added to the list of input variations rather than ignored
How to Upgrade to Build 20120704
On starting Acunetix Web Vulnerability Scanner 8, a pop-up window will automatically notify you that a more recent build is available for download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.
Previous post regarding Acunetix -
http://santoshdudhade.blogspot.in/2012/06/acunetix-web-vulnerability-scanner-scan.htmlhttp://santoshdudhade.blogspot.in/2012/06/acunetix-web-vulnerability-scanner-8.html
