Trustkeeper Scan Engine Update - May 21, 2014

We're back to bring you a large Scan Engine update. We've packed this release with tons of new vulnerabilities as well as some huge improvements to our servce protocol discovery engine. Increased coverage and faster scans--what could be better?

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

• Apache HTTP Server mod_dav Denial of Service Vulnerability (CVE-2013-6438)
• Apache HTTP Server mod_dav Denial of Service Vulnerability (CVE-2013-6438)
• Apache Tomcat Chunked Transfer Coding Denial of Service Vulnerability (CVE-2013-4322)
• Apache Tomcat disableURLRewriting Bypass Vulnerability (CVE-2014-0033)
• Apache Tomcat HTTP Header Parsing Vulnerability (CVE-2013-4286)
• Apache Tomcat Internals Information Disclosure Vulnerability (CVE-2014-4590)

Cisco

• Cisco ASA Clientless SSL VPN Rewriter Denial of Service Vulnerability (CSCui51199) (CVE-2013-5551)
• Cisco ASA CX Safe Search Policy Bypass Vulnerability (CSCui94622) (CVE-2013-5561)
• Cisco ASA IPv6 NAT Denial of Service Vulnerability (CSCue34342) (CVE-2013-5560)
• Cisco ASA Management Connections Denial of Service Vulnerability (CSCug33233) (CVE-2013-6707)
• Cisco ASA Phone Proxy Database Entry Manipulation Vulnerability (CSCui33299) (CVE-2013-6682)
• Cisco ASA RADIUS Change of Authorization Message Replay Vulnerability (CSCuj45332) (CVE-2014-0655)
• Cisco ASA VPN Denial of Service Vulnerability (CSCua91108) (CVE-2013-5544)
• Cisco ASA VPN Tunnel Privilege Escalation Vulnerability (CSCuf85295) (CVE-2013-1215)
• Cisco Catalyst Privilege Escalation Vulnerability (CVE-2013-5522)
• Cisco IOS 10 GigE Denial of Service Vulnerability (CSCug84789) (CVE-2014-2107)
• Cisco IOS and Cisco IOS XE Session Initiation Protocol DoS Vulnerability (CVE-2014-2106)
• Cisco IOS IPSec MTU Vulnerability (CSCul29918) (CVE-2013-6694)
• Cisco IOS IPSec Replay Vulnerability (CVE-2013-5548)
• Cisco IOS Malformed IKEv2 Packet Denial of Service (CSCui88426) (CVE-2014-2108)
• Cisco IOS Malformed IPv6 Packet Denial of Service (CSCui59540) (CVE-2014-2113)
• Cisco IOS Software High Priority Queue Denial of Service Vulnerability (CVE-2014-2131)
• Cisco IOS Software IKE Main Mode Vulnerability (CVE-2014-2143)
• Cisco IOS Software NAT DNS Vulnerability (CVE-2014-2111)
• Cisco IOS Software Sup2T Denial of Service Vulnerability (CVE-2014-2124)
• Cisco IOS Software TCP Input Vulnerability (CVE-2014-2109)
• Cisco IOS SSL VPN Denial of Service Vulnerability (CSCuf51357) (CVE-2014-2112)

FreeBSD

• FreeBSD Deadlock in NFS Server Vulnerability (FreeBSD-SA-14:05.nfsserver) (CVE-2014-1453)
• FreeBSD devfs Restriction Bypass Vulnerability (FreeBSD-SA-14:07.devfs) (CVE-2014-3001)
• FreeBSD SNMP Denial of Service Vulnerability (CVE-2014-1452)
• FreeBSD TCP Reassembly Vulnerability (FreeBSD-SA-14:08.tcp) (CVE-2014-3000)

Generic

• Potential Sensitive Credit Card Information Detected

ISC

• ISC Bind in FreeBSD DNSSEC NSEC-3 Denial of Service Vulnerability (CVE-2014-0591)
• ISC BIND NSEC3 Signing Feature Denial Of Service Vulnerability (CVE-2014-0591)

Jira

• JIRA Path traversal in Importers plugin (CVE-2014-2313)
• JIRA Path traversal in Issue Collector plugin (CVE-2014-2314)
• JIRA Web Interface Unspecified Remote Privilege Escalation

Juniper

• Juniper Netscreen Cross-Site Scripting vulnerability in Antivirus HTTP Engine
• Juniper Netscreen Default Credentials Discovered
• Juniper Netscreen ScreenOS Link State Advertisement Denial of Service (CVE-2013-7313, CVE-2013-0149)
• Juniper Netscreen ScreenOS Ping of Death Denial of Service (CVE-2013-6958)
• Juniper Netscreen ScreenOS SSL TLS Denial of Service (CVE-2014-2842)

Lighttpd

• Lighttpd Multiple Directory Traversal Vulnerabilities (CVE-2014-2324)

MySQL

• Lighttpd SQL Injection Vulnerability in mod_mysql_vhost.c (CVE-2014-2323)

OpenSSH

• nginx Heap Memory Buffer Overflow Vulnerability (CVE-2014-0133)
• Open Redirect Vulnerability
• OpenSSH schnorr.c hash_buffer Function Unspecified Memory Corruption Remote DoS (CVE-2014-1692)
• OpenSSH Wildcards on AcceptEnv Vulnerability (CVE-2014-2532)

OpenSSL

• OpenSSL Montgomery Ladder Side Channeling Vulnerability (CVE-2014-0076)

Oracle

• Oracle Database April 2014 Update Multiple Vulnerabilities (CVE-2014-2406, CVE-2014-2408)
• Oracle MySQL April 2014 Update Multiple Vulnerabilities (CVE-2014-0384, CVE-2014-2419, CVE-2014-2430, CVE-2014-2431, CVE-2014-2432, CVE-2014-2434, CVE-2014-2435, CVE-2014-2436, CVE-2014-2438, CVE-2014-2440, CVE-2014-2442, CVE-2014-2444, CVE-2014-2450, CVE-2014-2451)
• Oracle Solaris April 2014 Update Multiple Vulnerabilities (CVE-2014-0421, CVE-2014-0442, CVE-2014-0447)

PHP

• PHP gdImageCreateFromXpm() Crafted Color Table Denial of Service Vulnerability (CVE-2014-2497)
• PHP gdImageCreateFromXpm() Denial of Service Vulnerability (CVE-2013-7327)
• PHP gdImageCrop() Denial of Service Vulnerability (CVE-2013-7328)
• PHP gdImageCrop() Integer Underflow Vulnerability (CVE-2013-7226)
• PHP imagecrop() Heap Overflow Vulnerability (CVE-2014-2020)

PostgreSQL

• PostgreSQL 2014-02-20 Security Release (CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066)

Ruby on Rails

• Ruby on Rails Cross-Site Scripting Vulnerabilties in number_helper (CVE-2014-0081)
• Ruby on Rails Denial of Service Vulnerability in Action View (CVE-2014-0082)
• Ruby on Rails Directory Traversal in implicit-render Implementation (CVE-2014-0130)
• Ruby on Rails SQL Injection Vulnerability in Active Record cast (CVE-2014-0080)
• Ruby on Rails XSS Vulnerability in simple_format helper (CVE-2013-6416)

Samba

• Samba Access Bypass Vulnerability (CVE-2013-6442)
• Samba heap-based buffer overflow in dcerpc_read_ncacn_packet_done function (CVE-2013-4408)
• Samba Password Guessing Deficiency (CVE-2013-4496)

Webmin

• Webmin Cross-site Scripting Vulnerability in show.cgi (CVE-2014-0339)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.