TrustKeeper Scan Engine Update - July 1, 2014

Summary

The latest update to the TrustKeeper Scan Engine is now available. It adds detection for more than a dozen vulnerabilities, including several recently patched vulnerabilities in ISC BIND, OpenSSL and PHP.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

ISC

  • ISC BIND Prefetch Defect Denial Of Service Vulnerability (CVE-2014-3214)
  • ISC BIND Denial of Service Vulnerability via EDNS Printing Processing (CVE-2014-3859)

OpenSSL

  • OpenSSL Anonymous ECDH Denial of Service Vulnerability (CVE-2014-3470)
  • OpenSSL ChangeCipherSpec Man in the Middle Vulnerability (CVE-2014-0224)
  • OpenSSL do_ssl3_write Denial of Service Vulnerability (CVE-2014-0198)
  • OpenSSL DTLS Invalid Fragment Vulnerability (CVE-2014-0195)
  • OpenSSL DTLS Recursion Denial of Service Vulnerability (CVE-2014-0221)

Other

PHP

  • PHP cdf_read_property_info Denial of Service Vulnerability (CVE-2014-0238)
  • PHP cdf_unpack_summary_info Denial of Service Vulnerability (CVE-2014-0237)

Samba

  • Samba Uninitialized Memory Exposure Vulnerability (CVE-2014-0178)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.