TrustKeeper Scan Engine Update for May 02, 2018

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Cisco

  • Cisco IOS Internet Key Exchange Version 1 Denial of Service Vulnerability (cisco-sa-20180328-ike-dos and CSCuj73916) (CVE-2018-0159)
  • Cisco IOS Login Enhancements Login Block Denial of Service Vulnerabilities (cisco-sa-20180328-slogin, CSCuy32360 and CSCuz60599) (CVE-2018-0179, CVE-2018-0180)
  • Cisco IOS Bidirectional Forwarding Detection Denial of Service Vulnerability (cisco-sa-20180328-bfd and CSCvc40729) (CVE-2018-0155)
  • Cisco IOS DHCP Version 4 Relay Denial of Service Vulnerability (cisco-sa-20180328-dhcpr3 and CSCuh91645) (CVE-2018-0174)
  • Cisco IOS DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability (cisco-sa-20180328-dhcpr1 and CSCvg62730) (CVE-2018-0172)
  • Cisco IOS DHCP Version 4 Relay Reply Denial of Service Vulnerability (cisco-sa-20180328-dhcpr2 and CSCvg62754) (CVE-2018-0173)
  • Cisco IOS Integrated Services Module for VPN Denial of Service Vulnerability (cisco-sa-20180328-dos and CSCvd39267) (CVE-2018-0154)
  • Cisco IOS Internet Key Exchange Memory Leak Vulnerability (cisco-sa-20180328-ike and CSCvf22394) (CVE-2018-0158)
  • Cisco IOS Link Layer Discovery Protocol Multiple Vulnerabilities (cisco-sa-20180328-lldp, CSCvd73664 and CSCvd73487) (CVE-2018-0175, CVE-2018-0167)
  • Cisco IOS Quality of Service Remote Code Execution Vulnerability (cisco-sa-20180328-qos and CSCvf73881) (CVE-2018-0151)
  • Cisco IOS Simple Network Management Protocol GET MIB Object ID Denial of Service Vulnerability (cisco-sa-20180328-snmp and CSCvd89541) (CVE-2018-0161)
  • Cisco IOS Smart Install Client Denial of Service Vulnerability (cisco-sa-20180328-smi and CSCvd40673) (CVE-2018-0156)

Drupal

  • Drupal Core CKEditor Cross Site Scripting Vulnerability (SA-CORE-2018-003)
  • Drupal Core Remote Code Execution Vulnerability (SA-CORE-2018-004)

SSL

  • CA Certificate Contains Nonstandard Basic Constraints and Key Usage Extensions
  • SSL-TLS Certificate Information
  • Use of Compromised SSL Certificate

Webmin

  • Webmin custom/run.cgi Cross-Site Scripting Vulnerability (CVE-2017-17089)

FreeBSD

  • FreeBSD ipsec Denial of Service Vulnerability (FreeBSD-SA-18:05.ipsec) (CVE-2018-6918)
  • FreeBSD kernel Speculative Execution Vulnerabilities (FreeBSD-SA-18:03) (CVE-2017-5754, CVE-2017-5715)
  • FreeBSD vt Console Memory Disclosure Vulnerability (FreeBSD-SA-18:04.vt) (CVE-2018-6917)

Microsoft

  • DNS Service running on Unsupported Microsoft Windows Version

OpenSSL

  • OpenSSL RSA Key Generation Cache Timing Vulnerability (SecAdv 20180416) (CVE-2018-0737)

Oracle

Samba

  • Samba File Access Outside Share Definition Vulnerability (CVE-2017-2619)

WordPress

  • Wordpress Versions prior to 4.9.5 Multiple Vulnerabilities (CVE-2018-10101)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.