This is a frequently asked topic, so we keep this post updated, with the latest information on top and older entries below. Instead of creating a separate post for each release date, we combine everything in one post, which makes it easy to reference the same edition and to follow the history of features implemented across releases. The post date will be updated to reflect the latest changes; although older portions of the content were posted earlier, the post date is refreshed so the post stays relevant for customers and for those who want all the information in one place.
Acunetix version 12 (build 12.0.190206130 – Windows and Linux) has been released. This new build makes it easier to record Login Sequences, which can be used to scan restricted areas, and adds support for Swagger and WSDL as import files for the scanner. The new build includes a good number of vulnerability checks for Web Backdoors, Stack Trace Disclosure in a number of products, and vulnerabilities in Oracle Reports, Docker, Jenkins and Adobe Experience Manager. The new vulnerability checks, updates and fixes are available for both Windows and Linux.
- New Integrated Login Sequence Recorder – Login Sequences can be recorded directly from the Acunetix UI
- Swagger (JSON and YAML) and WSDL can be used as import files
New Vulnerability checks
- New checks for a number of Web Backdoors
- New checks for elmah.axd information disclosure
- New test for Stack Trace Disclosure in Django
- New test for Stack Trace Disclosure in ASP.NET
- New test for Stack Trace Disclosure in ColdFusion
- New test for Stack Trace Disclosure in Python
- New test for Stack Trace Disclosure in Ruby
- New test for Stack Trace Disclosure in Tomcat
- New test for Stack Trace Disclosure in Grails
- New test for Stack Trace Disclosure in Apache MyFaces
- New test for Stack Trace Disclosure in Java
- New test for Stack Trace Disclosure in GWT
- New test for Stack Trace Disclosure in Laravel
- New test for Stack Trace Disclosure in Rails
- New test for Stack Trace Disclosure in CakePHP
- New test for Stack Trace Disclosure in CherryPy
- New Directory Listing vulnerability checks
- New Error Message vulnerability checks
- New test for Oracle Reports RWServlet showenv
- New test for Docker Engine API publicly accessible
- New test for Docker Registry API publicly accessible
- New test for Jenkins server user enumeration
- New test for Jenkins server weak credentials
- Added the following new tests for Adobe Experience Manager:
  - Day CQ WCM Debug Filter enabled
  - LoginStatusServlet exposed (allows credentials to be brute-forced)
  - Brute-force of a set of default AEM credentials if LoginStatusServlet is exposed
  - QueryBuilderFeedServlet publicly accessible; sensitive information might be exposed
  - Tests for a number of SWF files exposed by AEM code that are vulnerable to Reflected XSS
  - Test if the AEM Groovy Console is publicly accessible (permits RCE)
  - Test for exposed AEM ACS Tools (a set of tools for AEM developers); RCE is possible
  - Test if GQLServlet is publicly accessible; sensitive information could be exposed
  - Test if Adobe Experience Manager AuditLogServlet is publicly accessible; audit log records could be exposed
  - Test for Server Side Request Forgery (SSRF) via SalesforceSecretServlet (CVE-2018-5006)
  - Test for Server Side Request Forgery (SSRF) via ReportingServicesServlet
  - Test for Server Side Request Forgery (SSRF) via SiteCatalystServlet
- Improved the scanning of sites using SOAP
- Improved parsing of paths
- TXT import now takes precedence over excluded paths
- Improved the adherence of the scan scope
- Improved the detection of the version of WordPress plugins
- Improved the automatic session pattern detection in the LSR
- LocalStorage / SessionStorage is retained between LSR and Deepscan Sessions
- Fixed: Scan scope was not always respected
- Technology detected during the scan was not being reported
- Fixed several scanner unexpected termination issues
- Fixed issue causing large PDF reports not to be generated
- Fixed: AcuSensor file data is better filtered by scanner.
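Several of the checks in this build (Stack Trace Disclosure across frameworks, Directory Listing and Error Message checks) are passive checks: the scanner only has to recognise tell-tale content in a response it already received. The following is an added example written for this post, not Acunetix's own detection logic; the signature patterns and the sample responses are constructed for illustration and are assumptions, not the product's signatures.

```python
import re

# Illustrative response signatures (assumptions for this example, not
# Acunetix's own checks): each entry is (framework label, compiled pattern).
# More specific patterns come first so a Django debug page is reported as
# Django rather than as a generic Python traceback.
STACK_TRACE_SIGNATURES = [
    ("Django", re.compile(r"Traceback \(most recent call last\):.*?Django Version:", re.S)),
    ("ASP.NET", re.compile(r"Server Error in '[^']*' Application\.")),
    ("Java", re.compile(
        r"\b(?:java|javax)\.[\w.]+(?:Exception|Error)\b.*?\bat [\w.$]+\(\w+\.java:\d+\)", re.S)),
    ("Rails", re.compile(r"\bAction(?:Controller|View)::\w+Error\b|\bRails\.root:")),
    ("Python", re.compile(r"Traceback \(most recent call last\):\s+File \"")),
]

# Directory listing pages generated by common web servers ("Index of /...").
DIRECTORY_LISTING = re.compile(r"<(?:title|h1)>\s*Index of /", re.I)

# Database error messages that leak query structure or file paths.
ERROR_MESSAGE = re.compile(
    r"You have an error in your SQL syntax|ORA-\d{5}|"
    r"Warning: (?:mysql|pg)_\w+\(\)|PG::\w+Error|Unclosed quotation mark", re.I)


def classify_response(body: str) -> dict:
    """Report which information-disclosure classes a response body exhibits.

    Returns {"stack_trace": <framework label or None>,
             "directory_listing": bool, "error_message": bool}.
    """
    stack_trace = None
    for label, pattern in STACK_TRACE_SIGNATURES:
        if pattern.search(body):
            stack_trace = label
            break  # first (most specific) match wins
    return {
        "stack_trace": stack_trace,
        "directory_listing": bool(DIRECTORY_LISTING.search(body)),
        "error_message": bool(ERROR_MESSAGE.search(body)),
    }


# Constructed sample responses (not captured from any real site).
SAMPLE_RESPONSES = {
    "django": (
        "<html><head><title>ValueError at /orders/</title></head><body>\n"
        "<h2>Traceback</h2>\n"
        "Traceback (most recent call last):\n"
        '  File "/srv/app/views.py", line 42, in order\n'
        '    qty = int(request.GET["qty"])\n'
        "ValueError: invalid literal for int()\n"
        "<table><tr><th>Django Version:</th><td>2.1.5</td></tr></table>\n"
        "</body></html>"
    ),
    "aspnet": (
        "<html><body><h1>Server Error in '/' Application.</h1>\n"
        "<b>Stack Trace:</b>\n"
        "[NullReferenceException: Object reference not set to an instance of an object.]\n"
        "   Shop.Cart.Page_Load(Object sender, EventArgs e) +123\n"
        "</body></html>"
    ),
    "java": (
        "<html><body><h1>HTTP Status 500 - Internal Server Error</h1><pre>\n"
        "java.lang.NullPointerException\n"
        "\tat com.example.shop.CartServlet.doGet(CartServlet.java:57)\n"
        "\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter"
        "(ApplicationFilterChain.java:231)\n"
        "</pre></body></html>"
    ),
    "listing": (
        "<html><head><title>Index of /backup</title></head><body>\n"
        '<h1>Index of /backup</h1><ul><li><a href="db.sql.gz">db.sql.gz</a></li></ul>\n'
        "</body></html>"
    ),
    "sql": (
        "<html><body>Warning: mysql_fetch_array() expects parameter 1 to be resource, "
        "boolean given in /var/www/html/search.php on line 18<br>\n"
        "You have an error in your SQL syntax; check the manual that corresponds to "
        "your MySQL server version</body></html>"
    ),
    "clean": "<html><head><title>Shop</title></head><body><p>Welcome</p></body></html>",
}


def scan_samples() -> dict:
    """Classify every constructed sample; used by main() and by tests."""
    return {name: classify_response(body) for name, body in SAMPLE_RESPONSES.items()}


if __name__ == "__main__":
    for name, result in scan_samples().items():
        print(f"{name:8s} {result}")
```

The ordering of the signature list is the important design choice: a Django debug page also contains a plain Python traceback, so the more specific pattern must be tried first, otherwise the finding is under-classified and the remediation advice (turn off `DEBUG`, not just "hide tracebacks") is less precise. In a real scanner the same classifier would run over every response, including those with a 200 status, since frameworks such as Rails and Django return debug pages with non-500 codes in some configurations.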
Acunetix version 12 (build 12.0.190121124 – Windows and Linux) – 22nd January 2019
- HTTP response size limit has been increased to 20Mb
- Swagger parser now supports yml files
- Fixed a scanner crash
- Fixed: Login Sequence Recorder was not using the User-Agent configured for the Target
- Fixed issue causing false positives in ‘User controllable charset’ and ‘User controllable script source’
- Fixed issue with BURP state file importer
- Fixed: Users could not update an expired POC license
Acunetix version 12 (build 12.0.181218140 – Windows and Linux) has been released. This new build checks for vulnerabilities in Apache Solr, Apache mod_jk, ColdFusion, ACME mini_httpd and Spring Security. The new build also includes a number of updates and important fixes. The new vulnerability checks, updates and fixes are available for both Windows and Linux.
New Vulnerability checks
- New test for Apache Solr XXE (CVE-2017-12629)
- New test for RCE in Spring Security OAuth (CVE-2016-4977)
- New test for Apache mod_jk access control bypass (CVE-2018-11759)
- New test for Unauthenticated Stored XSS in WordPress Plugin WPML (CVE-2018-18069)
- New test for ACME mini_httpd (web server) arbitrary file read (CVE-2018-18778)
- New test for OSGi Management Console Default Credentials
- New test for Flex BlazeDS AMF Deserialization RCE (CVE-2017-5641)
- New test for common misconfigurations in ColdFusion
- New test for AMF Deserialization RCE in ColdFusion (CVE-2017-3066)
- New test for JNDI injection in ColdFusion (CVE-2018-15957)
- New test for unauthenticated File uploading in ColdFusion (CVE-2018-15961)
- New WordPress / WordPress plugin vulnerability checks
- Improved the injection of payloads and other improvements in the handling of JSON data
- Updated Chromium to fix Chromium vulnerability
- Improved web application detection
- Corrected LSR launch message for Linux installations
- Fixed Update License issue on Internet Explorer
- Fixed several memory leaks/scanner closing unexpectedly
- Fixed issue affecting the processing of some content types
- Some cookies were being added multiple times during the scan
- Some redirects were not being correctly handled
- Some requests generated by the scanner incorrectly contained two backslashes (‘//’)
- Fixed issue in the Backup Folders checks going out of scope
- Several minor fixes
Acunetix version 12 (Windows build 12.0.181203110, Linux build 12.0.181204095) has been released. This new build includes updates to DeepScan and the Login Sequence Recorder (LSR). It also introduces support for Swagger and Kerberos HTTP Authentication in the Windows version and support for NTLM HTTP Authentication in the Linux version. It also adds a good number of new vulnerability checks, including a huge update increasing the detection of stored XSS, and checks for major products such as Apache Tomcat, CouchDB, Apache ActiveMQ, Node.js, Oracle WebLogic, nginx and others. The new build also includes a good number of updates and fixes.
Unless otherwise stated, the new features / checks, updates and fixes are available for both Windows and Linux.
- Deepscan has been updated to make use of Chromium (Windows only – already included in Linux)
- Login Sequence Recorder has been updated to make use of Chromium (Windows only – already included in Linux)
- Acunetix can now test APIs documented using Swagger (Windows only – already included in Linux)
- Introduced support for NTLM HTTP Authentication on Linux release (already included on Windows)
- Introduced support for Kerberos HTTP Authentication (Windows only)
New vulnerability checks
- A huge update increasing the detection of Stored XSS
- New test for possible file creation using the HTTP PUT method
- New test for Apache Tomcat Remote Code Execution Vulnerability (CVE-2017-12615)
- New test for Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018-12596)
- New test for httpoxy vulnerability
- New test checks if CouchDB REST API is publicly accessible
- New test checks if CouchDB is vulnerable to Remote Privilege Escalation resulting in Remote Code Execution (CVE-2017-12635)
- New test for Apache ActiveMQ default credentials
- New test for Node.js Path validation vulnerability (CVE-2017-14849)
- New test for GoAhead web server RCE via unsafe environment initialization of forked CGI scripts (CVE-2017-17562)
- New test for publicly accessible Hadoop YARN ResourceManager WebUI
- New test for jQuery-File-Upload <= v9.22.0 unauthenticated arbitrary file upload vulnerability
- New test looks for Google Firebase Databases URLs in the response and checks if the Firebase Databases are accessible without authentication
- New test for Oracle WebLogic Remote Code Execution vulnerability via T3 (CVE-2018-3245)
- New test for Oracle WebLogic Authentication Bypass vulnerability (CVE-2018-2894)
- New test checks if Jupyter Notebook is publicly accessible
- New test for Apache Log4j socket receiver deserialization vulnerability
- New test for NGINX range filter integer overflow (CVE-2017-7529)
- New test for Xdebug remote code execution via xdebug.remote_connect_back
- Numerous new checks for WordPress Core, WordPress plugins, Joomla Core and Drupal Core.
- Numerous memory management improvements
- Multiple updates to LSR and session detection improving scanning of restricted areas
- Improved speed of SQL Injection vulnerability checks
- Added mock geo-location support to support scanning sites that require geo-location
- Improved analysis of XML and JSON
- Fixed scanner crash when scan was resumed from paused state
- Fixed some issues in the handling of cookies
- Custom cookies were not always used
- Content-Type header was not always being sent. This affected the detection of some vulnerabilities
- Fixed a false positive in SSL weak key length vulnerability check
- Fixed issue in the Social Security Number and Credit Card number check
- Fixed issue with AcuSensor download on Linux release
- Fixed issue causing scans to be aborted when server returns an invalid charset
- Fixed a number of other issues causing the scanner to close unexpectedly
- Fixed a few security issues discovered internally
- Sensitive and Backup files were not being checked for in the site root
- Fixed issue with jquery version extractor
- Fixed 2 internally reported security issues
- Fixed issue with re-installation of Linux installations
15-Nov-2018 Acunetix for Linux
Acunetix official release of Acunetix for Linux
Acunetix is one of the first commercial, automated web vulnerability scanners to be released for Linux as well as Windows, offering customers the choice to scan for vulnerabilities using Acunetix on their preferred Operating System.
Linux has been known to be reliable, cost effective and secure, and is the server operating system of choice for many large organisations including Facebook, Twitter and Google.
Benefits of Running Acunetix on Linux
- Reliability and security: Linux is the operating system most often selected for servers that need close to 100% uptime. Using Linux increases the reliability needed for the thousands of operations required to scan a website.
- Cost-effectiveness: Acunetix customers can run the scanner in their own private cloud on either Amazon AWS, Digital Ocean or Google Cloud, for example.
- Performance: Linux requires fewer resources to run, leaving extra resources available to increase scanner performance.
Customers now have the choice of deploying on Windows or Linux.
15-Oct-2018 Acunetix version 12 (build 12.0.181012141) has been released. This new build reports sites that do not implement Content Security Policy (CSP) or Subresource Integrity (SRI) and detects Node.js source disclosure, Ghostscript RCE, SSRF in Paperclip and other vulnerabilities. This new build has a good number of updates and some important fixes. Below is a full list of updates.
New Vulnerability Checks
- New check for Content Security Policy (CSP) not implemented
- New check for Subresource Integrity (SRI) not implemented
- New check for Node.js web application source code disclosure
- New check for Ghostscript RCE via file upload
- New check for Paperclip Server-Side Request Forgery (SSRF) via file upload (CVE-2017-0889)
- New check for WPEngine _wpeprivate/config.json information disclosure
- New check for Cross-site Scripting in HTTP-01 ACME challenge implementation
- New check for npm log file disclosure
- New check for PHP-CS-Fixer cache file disclosure
- Multiple new WordPress and Joomla vulnerability checks.
- License keys can now be updated via the Acunetix web UI
- Additional memory improvements
- Improved exclusion of parameters
- Multiple updates to existing vulnerability checks
- Improved CORS origin validation failure checks
- Improved Pickle Serialization check.
- Manual Intervention was not working after a paused scan is resumed
- Scans for some sites using Digest HTTP Authentication were stopping unexpectedly
- Additional fixes for issues causing scans exiting unexpectedly
- Fixed issue causing many product update requests when proxy authentication is incorrectly configured
- Fixed: Some backup files / folders were not being identified
- Fixed: Some vulnerabilities were incorrectly reported in the site root
- Fixed issue in similar page detection causing scans to take longer than expected
- Fixed issue causing valid sessions not to be identified correctly during the scan.
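The two header-level checks introduced in this build (Content Security Policy not implemented, Subresource Integrity not implemented) can both be evaluated from a single page response: the first looks at the response headers (or a `<meta http-equiv>` tag), the second at every cross-origin `<script>` and stylesheet `<link>`. The following is an added example for this post, not Acunetix's code; the page URL, headers, HTML and the `sha384-PLACEHOLDERDIGEST` integrity value are constructed sample data.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class _ResourceCollector(HTMLParser):
    """Collect a <meta http-equiv> CSP and every external script/stylesheet."""

    def __init__(self):
        super().__init__()
        self.meta_csp = False
        self.resources = []  # (kind, url, has_integrity)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # HTMLParser lower-cases tag and attribute names
        if tag == "meta" and (a.get("http-equiv") or "").lower() == "content-security-policy":
            self.meta_csp = True
        elif tag == "script" and a.get("src"):
            self.resources.append(("script", a["src"], "integrity" in a))
        elif tag == "link" and a.get("href") and \
                "stylesheet" in (a.get("rel") or "").lower().split():
            self.resources.append(("stylesheet", a["href"], "integrity" in a))


def is_cross_origin(page_url: str, resource_url: str) -> bool:
    """True when the resource comes from a different origin than the page."""
    page, res = urlparse(page_url), urlparse(resource_url)
    if not res.netloc:                    # relative URL: same origin by definition
        return False
    scheme = res.scheme or page.scheme    # protocol-relative "//cdn..." inherits the scheme
    return (scheme.lower(), res.netloc.lower()) != (page.scheme.lower(), page.netloc.lower())


def check_csp_and_sri(page_url: str, headers: dict, body: str) -> dict:
    """Report whether a CSP is present and which cross-origin resources lack SRI."""
    header_csp = any(name.lower() == "content-security-policy" for name in headers)
    collector = _ResourceCollector()
    collector.feed(body)
    missing_sri = [(kind, url) for kind, url, has_integrity in collector.resources
                   if is_cross_origin(page_url, url) and not has_integrity]
    return {"csp_implemented": header_csp or collector.meta_csp,
            "missing_sri": missing_sri}


# Constructed sample data (not from any real site).
PAGE_URL = "https://shop.example.test/"
HEADERS_WITHOUT_CSP = {"Content-Type": "text/html; charset=utf-8", "Server": "nginx"}
HEADERS_WITH_CSP = dict(HEADERS_WITHOUT_CSP,
                        **{"Content-Security-Policy": "default-src 'self'; "
                           "script-src 'self' https://cdn.example.test"})
SAMPLE_BODY = """<html><head>
<link rel="stylesheet" href="https://cdn.example.test/site.css">
<script src="/static/app.js"></script>
<script src="//cdn.example.test/lib.js"></script>
<script src="https://cdn.example.test/lib2.js"
        integrity="sha384-PLACEHOLDERDIGEST" crossorigin="anonymous"></script>
</head><body></body></html>"""
META_CSP_BODY = ('<html><head><meta http-equiv="Content-Security-Policy" '
                 'content="default-src \'self\'"></head><body></body></html>')


if __name__ == "__main__":
    print(check_csp_and_sri(PAGE_URL, HEADERS_WITHOUT_CSP, SAMPLE_BODY))
    print(check_csp_and_sri(PAGE_URL, HEADERS_WITH_CSP, SAMPLE_BODY))
```

On the constructed page, `/static/app.js` is same-origin and is ignored, `lib2.js` carries an `integrity` attribute and passes, while the CDN stylesheet and the protocol-relative `lib.js` are reported as missing SRI. A fuller check would also flag resources that have `integrity` but no `crossorigin` attribute, since browsers cannot verify a cross-origin digest without CORS, and would not treat a CSP as "implemented" merely because the header exists if its policy is effectively permissive.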
12-Sep-2018 Acunetix version 12 (build 12.0.180911134) has been released. This new build adds two new AcuMonitor checks, detection of Web Cache Poisoning, Apache Struts RCE, URL rewrite vulnerabilities and Drupal Core Open Redirect. This new build has a good number of updates and some important fixes. Below is a full list of updates.
New Vulnerability Checks
- Added detection for Apache Struts Remote Code Execution (S2-057) (CVE-2018-11776)
- Added detection for URL rewrite vulnerability due to legacy header support (CVE-2018-14773)
- Added detection for Web Cache Poisoning
- Added detection of HTTP (non-SSL) origin accessing HTTPS resource
- Added detection of Yii2 Framework’s development extensions
- Added detection for Cross-Origin Resource Sharing (CORS) origin validation failure
- Added detection for Drupal Core Open Redirect
- Added detection for Python pickle serialization
- New AcuMonitor Test – Detection of Reverse Proxy Misrouting (SSRF)
- New AcuMonitor Test – Detection of Attacks on Auxiliary Systems (SSRF)
- New vulnerability checks for multiple WordPress plugins and Joomla Core.
- Multiple updates to the SSL checks
- Various memory optimizations
- Fewer requests required to verify AcuMonitor checks.
- Fixed bug in testing of cookie values
- Fixed memory issues, causing some scans to exit unexpectedly
- Fixed bug causing some scans to crash when paused and resumed
- Fixed issue causing some scans to be aborted immediately because of error status on initial response
- Fixed issue causing some locations to get omitted from site structure
- Multiple fixes to import file feature
- Fixed issue that caused DeepScan not to use all cookies
- Custom headers were added twice on redirect
- Fixed issue affecting some sites using SSO.
29-Aug-2018 Acunetix v12 latest build update for existing and new customers.
Acunetix v12 (build 12.0.180821106) has been released. This new build adds checks for vulnerabilities in Liferay, Apache Shiro, RichFaces, Telerik and Tomcat. The new build also includes a number of updates and fixes. Below is a full list of updates.
New vulnerability checks
- Detection of Liferay TunnelServlet Deserialization Remote Code Execution
- Detection of Liferay XMLRPC Blind SSRF
- Detection of older versions of Liferay
- Detection of publicly writable Amazon S3 Buckets
- Detection of Apache Shiro Deserialization RCE
- Detection of RichFaces EL Injection RCE
- Detection of Spring JSONP enabled by default in MappingJackson2JsonView (CVE-2018-11040)
- Detection of Spring Webflow SPEL RCE (CVE-2017-4971)
- Detection of Telerik Web UI Cryptographic Weakness
- Detection of Rails Sprockets Path Traversal Vulnerability (CVE-2018-3760)
- Detection of Tomcat path traversal via reverse proxy mapping
- New Vulnerability checks for WordPress and Drupal.
- Reduced the number of requests required for Web Application Detection
- Improved the JSON and the Generic document parser
- Improved handling of non-responsive sites.
- Fixed a few infrequent crashes
- Fixed Malware link checking vulnerability test
- Fixed issue causing scan to be aborted on redirect to different FQDN for login
- Fixed issue causing Scan Comparison reports to fail
- Fixed issue causing the scanner not to crawl certain HTTPs sites correctly when using proxy.
30-Jul-2018 Acunetix v12 latest build update for existing and new customers.
This new build adds detection for vulnerabilities in Cisco ASA, Apache Tomcat, Atlassian Jira, Spring, JBoss and misconfigured nginx installations. The new build also includes HTTP Responses in the vulnerability alerts, re-introduces Manual Intervention in the Login Sequence Recorder, and includes a good number of additional updates and fixes.
Below is a full list of updates.
- HTTP responses are now shown for detected vulnerabilities (only affects new scans)
- Manual Intervention has been implemented in v12.
New Vulnerability checks
- Added detection of Java Object Deserialization vulnerabilities
- Added detection for Cisco ASA Path Traversal (CVE-2018-0296)
- Added tests for misconfigured nginx aliases that can lead to a path traversal
- Added detection of Spring Security Authentication Bypass Vulnerability (CVE-2016-5007)
- Added detection of weak/insecure permissions for Atlassian Jira REST interface
- Added detection of Apache Tomcat Information Disclosure (CVE-2017-12616)
- Added detection of Spring Data REST Remote Code Execution (CVE-2017-8046)
- Added detection of Insecure Odoo Web Database Manager
- Added detection of JBoss Remote Code Execution (CVE-2015-7501 and CVE-2017-7504)
- Added detection of WebSphere Remote Code Execution (CVE-2015-7450)
- Updated WordPress Plugin vulnerability detection.
- Password is no longer required when configuring client certificate for a Target
- Additional memory optimization
- Scanner will now report when the LSR cannot login
- Application Error Message vulnerability check updated to provide more details on the error
- Reports, XML exports and WAF exports now use a more meaningful filename
- Reports now show the status of a scan
- Scan debug logs now include imported files
- Increased maximum number of Issue Trackers that can be configured.
- Fixed multiple crashes while scanning
- Scanner will now re-authenticate when website invalidates authentication during scan (applies to HTTP authentication only)
- Fixed: Scanner sometimes failed to decode LSR output, leading to an unauthenticated scan
- Fixed many issues causing vulnerabilities to be undetected or to be detected incorrectly
- Two fixes affecting the setting of Cookies
- Fixed issue in RSS parsing
- Fields with certain characters in the name (such as $) were not being tested
- Some out of scope paths were still being crawled
- Fix in the Autologin
- Fixed: Upon upgrade, the user was asked to “Logout from Other Session”
- Fixed Target and Vulnerabilities reports that were failing
- Fixed recurrent scans for Standard licenses that were being disabled
- Fixed: Some reports were generated without a file extension.
25-Jun-2018 Acunetix v12 (build 12.0.180619111) has been released. This new build introduces new vulnerability checks for WordPress, Django, multiple Spring Framework and Atlassian products. Below is a full list of updates.
New Features and Vulnerability tests
- Spring Data Commons RCE via Spring Expression Language (SpEL) injection (CVE-2018-1273)
- Atlassian OAuth Plugin IconUriServlet SSRF, affecting multiple Atlassian products (CVE-2017-9506)
- WordPress REST API User Enumeration
- Django Debug Mode via DisallowedHost
- Tests for PHP-FPM (FastCGI Process Manager) Status Page
- Check for common test CGI scripts that are leaking environment variables
- Check Spring Boot Actuator information disclosure
- Check for RCE via Spring Boot WhiteLabel Error Page Spring Expression Language (SpEL)
- Atlassian Jira ManageFilters Information Disclosure
- Crash dump was sometimes not being created
14-Jun-2018 Acunetix v12 (build 12.0.180611183) has been released. This new build introduces new vulnerability checks for Oracle Weblogic, PHPUnit, Edge Side Include Injection and other vulnerabilities. The new build also includes a good number of updates and several important fixes. Acunetix Online has also been updated to reflect these updates. Below is a full list:
New Features and Vulnerability tests
- Introduced system to automatically avoid testing similar pages
- New check for Oracle WebLogic WLS-WSAT Component Deserialization RCE affecting version 10.3.6.0.0 and several 12.x releases (CVE-2017-10271)
- New check for PHPUnit RCE affecting versions 4.8.28 and 5.x before 5.6.3 (CVE-2017-9841)
- New check for Edge Side Include Injection vulnerabilities
- New check for Dotenv (.env and variants) files
- New check for Joe Text Editor DEADJOE file
- New check for Symfony configuration file
- New check for Laravel (PHP framework) log files
- New check for publicly accessible backup directory in Drupal Backup Migrate.
- Updated timeout and retries for HTTP requests done by some vulnerability checks
- Updated Web Application Detection checks to make less HTTP requests resulting in faster scans
- Various minor updates to the UI
- Improved parsing of robots.txt
- Improved detection of default index files
- Acunetix now shows the number of licensed Targets in the License section of the UI.
- Some addresses were not parsed correctly, resulting in incorrect paths
- Some addresses were not detected, resulting in missing paths
- Some paths were being detected incorrectly
- Scanner crash when allowed hosts are used
- Scanner crash when parsing some pages
- Scanner hang when crawling caused by DeepScan
- No links parsed from pages without Content-Type header
- Some vulnerability checks duplicated the query values
- Sitemap was always being detected
- Fixed validation issues in Security Settings > Account Lockout > Lockout timeout
- License checks was failing for some installations.
Upgrade to the latest build
If you are already using Acunetix v12, you can initiate the automatic upgrade from the new build notification in the Acunetix UI > Settings page. If you have not yet installed or upgraded to Acunetix v12, you may download Acunetix version 12 from here. Use your current, still valid Acunetix License Key to download and activate your product. Note that customers upgrading from a pre-v12 version to v12 must follow the v12 Target licensing model. The previous pre-v12 unlimited licensing is discontinued, and once upgraded you cannot downgrade.
Feel free to contact E-SPIN for your context and requirement.