Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More
This month's update for Database Security Knowledgebase is now available.
Knowledgebase version 5.01 includes new checks for MySQL, Oracle, and SAP (Sybase) ASE and updated checks for MySQL and SAP (Sybase) ASE.
MySQL
Critical Patch Update - April 2016
Check version to determine if the database contains vulnerabilities described by Critical Patch Update - April 2016.
Risk: High
Relevant CVEs: CVE-2015-3194, CVE-2016-0639, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0652, CVE-2016-0653, CVE-2016-0654, CVE-2016-0655, CVE-2016-0656, CVE-2016-0657, CVE-2016-0658, CVE-2016-0659, CVE-2016-0661, CVE-2016-0662, CVE-2016-0663, CVE-2016-0665, CVE-2016-0666, CVE-2016-0667, CVE-2016-0668, CVE-2016-0705, CVE-2016-2047, CVE-2016-3461
Oracle
Critical Patch Update/Patch Set Update - April 2016
Check version to determine if the database contains vulnerabilities described by Critical Patch Update/Patch Set Update - April 2016.
Risk: High
Relevant CVEs: CVE-2016-0677, CVE-2016-0681, CVE-2016-0690, CVE-2016-0691, CVE-2016-3454
SAP (Sybase) ASE
CREATE/ALTER DATABASE DSAM support SQL injection
Verify that the database is not vulnerable to the DSAM support SQL injection.
Risk: High
Relevant CVEs: CVE-2016-4013
MySQL
Latest release not installed
Updated to Support 5.5.49 and 5.6.30
Risk: High
Relevant CVEs: N/A
Release update not installed on time
Release update not installed on time
Updated to Support 5.5.49 and 5.6.30
Risk: High
Relevant CVEs: N/A
SAP (Sybase) ASE
Latest patch not applied
Updated to Support ASE 16.0 SP02 PL03
Risk: High
Relevant CVEs: N/A
Patch not applied on time
Updated to Support ASE 16.0 SP02 PL03
Risk: High
Relevant CVEs: N/A
Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual)in good standing at no additional cost
AppDetectivePRO customers can use the Updater within the product as well.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.