It's that time again for another TrustKeeper Scan Engine update. In this release you'll clearly see what we're thankful for, with 17 of the 23 new vulnerabilities coming from Cisco ASA and IOS.
One of those Cisco ASA vulnerabilities includes the detection logic for default credential checking on Cisco ASDM. In talking with some of our pentest breathren, it's been an item that's often overlooked by a lot of organizations for one reason or another, so it only made sense for us to include it in this release to help out. I also created a Metasploit Auxillary module for it earlier in the week to allow for more indepth testing for pentesters, which is now part of Metasploit Framework (special thanks to @sinner for his review).
As always, this release contains improvements to existing tests and their associate evidence to help aid in vulnerability remediation activities.
New Vulnerability Test Highlights
Some of the more interesting vulnerability tests we added recently are as follows:
- Adobe ColdFusion Known Hash Authentication Bypass (CVE-2010-5290)
- Nokia IPSO Unspecified Denial of Service
- Nokia IPSO Voyager HTTPDAccessLog.TCL Remote Script Execution
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.