TrustKeeper Scan Engine Update - April 3, 2014

Summary

The latest update to the TrustKeeper Scan Engine is now available. It adds detection for a dozen vulnerabilities, including several affecting Cisco ASA and IOS devices. We also added detection for more than a dozen common web backdoors. These are often installed by attackers after compromising a website, and they allow the attacker to more easily gain further access to the server they are installed on.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Cisco

• Cisco ASA Authentication State Vulnerability (CSCuj45340) (CVE-2014-0653)
• Cisco ASA Auto-Update Denial of Service Vulnerability (CSCui33308) (CVE-2013-5568)
• Cisco IOS Access Restriction Bypass (CVE-2013-5552)
• Cisco IOS MLDP Denial of Service Vulnerability (CSCue22345) (CVE-2013-6693)
• Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20131106-sip) (CVE-2013-5553)
• Cisco IOS SSL VPN Denial of Service Vulnerability (CVE-2013-6686)

Lighttpd

• Lighttpd Unauthorized Access Vulnerability (CVE-2013-1427)

WordPress

• Wordpress Retrospam CSRF Vulnerability (CVE-2013-7233)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.