New build facilitates scanning restricted areas and sites which use Swagger and SOAP

Acunetix version 12 (build 12.0.190206130 – Windows and Linux) has been released. This new build makes it easier to record Login Sequences which can be used to scan restricted areas, and provides support to provide Swagger and WSDL as import files to be used by the scanner. The new build includes a good number of vulnerabilities checks for Web Backdoors, Stack trace Disclosure in a number of products, vulnerabilities in Oracle Reports, Docker, Jenkins server and Adobe Experience Manager. The new vulnerability checks, updates and fixes are available for both Windows and Linux.

New Features

  • New Integrated Login Sequence Recorder – Login Sequences can be recorded directly from the Acunetix UI
  • Swagger (JSON and YAML) and WSDL can be used as import files

New Vulnerability checks

  • New checks for a number of Web Backdoors
  • New checks for elmah.axd information disclosure
  • New test for Stack Trace Disclosure in Django
  • New test for Stack Trace Disclosure in ASP.NET
  • New test for Stack Trace Disclosure in ColdFusion
  • New test for Stack Trace Disclosure in Python
  • New test for Stack Trace Disclosure in Ruby
  • New test for Stack Trace Disclosure in Tomcat
  • New test for Stack Trace Disclosure in Grails
  • New test for Stack Trace Disclosure in Apache MyFaces
  • New test for Stack Trace Disclosure in Java
  • New test for Stack Trace Disclosure in GWT
  • New test for Stack Trace Disclosure in Laravel
  • New test for Stack Trace Disclosure in Rails
  • New test for Stack Trace Disclosure in CakePHP
  • New test for Stack Trace Disclosure in CherryPy
  • New Directory Listing vulnerability checks
  • New Error Message vulnerability checks
  • New test for Oracle Reports RWServlet showenv
  • New test for Docker Engine API publicly accessible
  • New test for Docker Registry API publicly accessible
  • New test for Jenkins server user enumeration
  • New test for Jenkins server weak credentials
  • Added the following new tests for Adobe Experience Manager
    • Day CQ WCM Debug Filter enabled
    • LoginStatusServlet exposed (allows to bruteforce credentials)
    • Bruteforce a set of default AEM credentials if LoginStatusServlet is exposed
    • QueryBuilderFeedServlet public accessible, sensitive information might be exposed
    • Implemented tests for a bunch of SWF files that are exposed by AEM code that are vulnerable to Reflected XSS
    • Test if the AEM Groovy Console is publicly accessible. Permits RCE
    • Added a test for exposed AEM ACS Tools (a set of tools for AEM developers) – RCE is possible
    • Test if GQLServlet is publicly accessible. Sensitive information could be exposed
    • Test if Adobe Experience Manager AuditLogServlet is publicly accessible. Audit log records could be exposed
    • Test for Server Side Request Forgery (SSRF) via SalesforceSecretServlet (CVE-2018-5006)
    • Test for Server Side Request Forgery (SSRF) via ReportingServicesServlet
    • Test for Server Side Request Forgery (SSRF) via SiteCatalystServlet was detected

Updates

  • Improved the scanning of sites using SOAP
  • Improved parsing of paths
  • TXT import now takes precedence over excluded paths
  • Improved the adherence of the scan scope
  • Improved the detection of the version of WordPress plugins
  • Improved the automatic session pattern detection in the LSR
  • LocalStorage / SessionStorage is retained between LSR and Deepscan Sessions

Fixes

  • Fixed: Scan scope was not always respected
  • Technology detected during the scan was not being reported
  • Fixed several scanner unexpected termination issues
  • Fixed issue causing large PDF reports not to be generated
  • Fixed: AcuSensor file data is better filtered by scanner.


*** This is a Security Bloggers Network syndicated blog from Web Security Blog – Acunetix authored by Nicholas Sciberras. Read the original post at: http://feedproxy.google.com/~r/acunetixwebapplicationsecurityblog/~3/G3mpm5jEaj4/