TrustKeeper Scan Engine Update - December 5, 2013

It's that time again for another TrustKeeper Scan Engine update. In this release you'll clearly see what we're thankful for, with 17 of the 23 new vulnerabilities coming from Cisco ASA and IOS.

One of those Cisco ASA vulnerabilities includes the detection logic for default credential checking on Cisco ASDM. In talking with some of our pentest breathren, it's been an item that's often overlooked by a lot of organizations for one reason or another, so it only made sense for us to include it in this release to help out. I also created a Metasploit Auxillary module for it earlier in the week to allow for more indepth testing for pentesters, which is now part of Metasploit Framework (special thanks to @sinner for his review).

As always, this release contains improvements to existing tests and their associate evidence to help aid in vulnerability remediation activities.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Adobe

  • Adobe ColdFusion Known Hash Authentication Bypass (CVE-2010-5290)

Cisco

Nokia

  • Nokia IPSO Unspecified Denial of Service
  • Nokia IPSO Voyager HTTPDAccessLog.TCL Remote Script Execution

Oracle

WordPress

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.