TrustKeeper Scan Engine Update – November 5, 2014

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. The update includes 21 new checks providing coverage for more than 70 vulnerabilities.

New Vulnerability Test Highlights

Cisco

  • Cisco ASA Software Version Information Disclosure Vulnerability (CSCuq65542) (CVE-2014-3398)

FreeBSD

  • FreeBSD IP Multicast Integer Overflow (FreeBSD-SA-13:09.ip_multicast) (CVE-2013-3077)
  • FreeBSD Kernel Memory Disclosure in sctp (CVE-2013-5209)
  • FreeBSD Network ioctl Insufficient Credential Check Vulnerability (CVE-2013-5691)
  • FreeBSD NFS Server File Permission Bypass (FreeBSD-SA-13:08.nfsserver) (CVE-2013-4851)
  • FreeBSD sendfile Kernel Memory Disclosure Vulnerability (CVE-2013-5666)
  • ISC BIND in FreeBSD malformed rdata Denial of Service Vulnerability (FreeBSD-SA-13:07.bind) (CVE-2013-4854)

Oracle

PHP

PostgreSQL

  • PostgreSQL bitsubstr denial of service (CVE-2010-0442)
  • PostgreSQL crafted SET ROLE privilege escalation (CVE-2006-0553)
  • PostgreSQL doubly-nested state regular expression denial of service (CVE-2007-6067)
  • PostgreSQL intagg module denial of service (CVE-2005-0246)
  • PostgreSQL multiple buffer overflows in gram.y (CVE-2005-0247)
  • PostgreSQL on Windows postmaster denial of service (CVE-2006-0105)
  • PostgreSQL public EXECUTE denial of service (CVE-2005-1409)
  • PostgreSQL TCL regular expression denial of service (CVE-2007-4772)
  • PostgreSQL tsearch2 module internal argument denial of service (CVE-2005-1410)

Java

How to Update?

All Trustwave customers using the TrustKeeper scan engine receive the updates automatically as soon as an update is available. No action is required.
