TrustKeeper Scan Engine Update - March 7, 2013

Summary

Today's a big day. We're now in the final days of winter, here in Chicago. Two weeks from today spring will begin, all the snow will melt, and we'll all run outside to jump and play in the bright, warm sunshine.

More importantly, though, today marks the release of our latest update to the TrustKeeper scan engine. We've included coverage for more than 20 vulnerabilities, including several from Microsoft and several others for PHP. As usual, the update also includes several refinements to existing vulnerability tests.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Microsoft
* Vulnerability in NFS Server Could Allow Denial of Service (MS13-014) (CVE-2013-1281)
* Vulnerability in TCP/IP Could Allow Denial of Service (MS13-018) (CVE-2013-0075)
* Vulnerability in OLE Automation Could Allow Remote Code Execution (MS13-020) (CVE-2013-1313)
* Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (MS13-012) (CVE-2013-0393, CVE-2013-0418)
* Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (MS13-017) (CVE-2013-1278, CVE-2013-1279, CVE-2013-1280)
* Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (MS13-016) (CVE-2013-1248 through CVE-2013-1277)
* Vulnerability in .NET Framework Could Allow Remote Code Execution (MS11-028) (CVE-2010-3958)
* Vulnerability in .NET Framework Could Allow Remote Code Execution (MS11-044) (CVE-2011-1271)
* Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (MS13-019) (CVE-2013-0076)

Oracle
* Oracle MySQL January 2013 CPU (CVE-2012-0572, CVE-2012-0574, CVE-2012-0578, CVE-2012-1702, CVE-2012-1705, CVE-2012-5060, CVE-2012-5096, CVE-2012-5611, CVE-2012-5612, CVE-2013-0367, CVE-2013-0368, CVE-2013-0371, CVE-2013-0375, CVE-2013-0383, CVE-2013-0384, CVE-2013-0385, CVE-2013-0386, CVE-2013-0389)

PHP
* Multiple buffer overflows in libtidy extension for PHP (CVE-2007-3294)
* PHP imap_body() Local File Disclosure (CVE-2006-7204)
* PHP libc crypt Functions Vulnerable to Race Condition (CVE-2007-2844)
* PHP Memory Contents Information Leakage (CVE-2007-1883)
* PHP Null Byte Denial of Service in 'dba_replace' (CVE-2008-7068)
* PHP on Windows com_print_typeinfo() Function Denial of Service (CVE-2007-3790)
* PHP Predictable Initialization Vector in 'mcrypt_create_iv' (CVE-2007-2727)
* PHP Session Identifier Rejection Double Free Memory Corruption Vulnerability (CVE-2007-1522)
* PHP snmpget() Function Buffer Overflow (CVE-2007-1413)
* Zend Engine in PHP Nested Arrays Denial of Service (CVE-2007-1285)

WordPress
* Wordpress create_post() Function Access Restriction Bypass (CVE-2012-4421)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.