TrustKeeper Scan Engine Update – January 20, 2015

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Highlights of the release include new checks for 20 vulnerabilities

New Vulnerability Test Highlights

AllegroSoft

AllegroSoft RomPager Misfortune Cookie Vulnerability (CVE-2014-9222, CVE-2014-9223)

Cisco

Cisco IOS ISR Entropy Collection Denial of Service (CSCul77897, CVE-2014-3347)

Cisco IOS Metadata Vulnerability (CSCug75942, CVE-2014-3355)

Cisco IOS Multicast Domain Name System Vulnerabilities (cisco-sa-20140924-mdns, CVE-2014-3357, CVE-2014-3358)

Cisco IOS Multicast Virtual Private Network Data Leak (cisco-sa-20080326-mvpn, CVE-2008-1156)

Cisco IOS Network Address Translation Vulnerability (CSCun54071, CVE-2014-3361)

Cisco IOS RSVP Vulnerability (CSCui11547, CVE-2014-3354)

Juniper

Juniper NetScreen ScreenOS DNS Lookup Denial of Service (CVE-2014-3813)

Juniper NetScreen ScreenOS Malformed IPv6 Packets Denial of Service (CVE-2014-3814)

OpenSSL

OpenSSL Bignum squaring may produce incorrect results (CVE-2014-3570)

OpenSSL Certificate fingerprints can be modified (CVE-2014-8275)

OpenSSL DH client certificates accepted without verification (CVE-2015-0205)

OpenSSL DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)

OpenSSL DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)

OpenSSL MiTM Vulnerability in ssl23_get_client_hello function (CVE-2014-3511)

OpenSSL no-ssl3 configuration sets method to NULL (CVE-2014-3569)

phpMyAdmin

phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in ENUM value (CVE-2014-7217)

Zimbra

Zimbra Local File Include Vulnerability (CVE-2013-7091)

How to Update?

All Trustwave customers using the TrustKeeper scan engine receive the updates automatically as soon as an update is available. No action is required.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.