TrustKeeper Scan Engine Update – August 13, 2014

Summary

The latest update to the TrustKeeper Scan Engine is now available. Highlights of this release include coverage for four new vulnerabilities and improved version comparison for FreeBSD.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

FreeBSD

  • FreeBSD Kernel Memory Disclosure Vulnerability (FreeBSD-SA-14:17.kmem) (CVE-2014-3952, CVE-2014-3953)
  • FreeBSD NFS READDIR Vulnerability (FreeBSD-SA-13:05.nfsserver) (CVE-2013-3266)
  • FreeBSD mountd Netmask Miscalculation Vulnerability (FreeBSD-SA-11:01.mountd) (CVE-2011-1739)
  • FreeBSD FTP Cross-Site Request Forgery Vulnerability (FreeBSD-SA-08:12.ftpd) (CVE-2008-4247)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.