TrustKeeper Scan Engine Update – November 24, 2014

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Highlights of this release include three new checks for vulnerabilities in Apache.

New Vulnerability Test Highlights

Apache

  • Apache mod_jk URI Handler Remote Code Execution Vulnerability (CVE-2007-0774)
  • Apache Tomcat AJP Connector Information Disclosure Vulnerability (CVE-2005-3164)
  • Apache Tomcat Javadoc Frame Injection Vulnerability (CVE-2013-1571)

How to Update?

All Trustwave customers using the TrustKeeper scan engine receive the updates automatically as soon as an update is available. No action is required.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.