Summary
We're bringing you another TrustKeeper Scan Engine update with a bunch of new checks for vulnerabilities so that you can continue to enjoy your summer.
New Vulnerability Test Highlights
Some of the more interesting vulnerability tests we added recently are as follows:
- Discovered HTTP Methods
- Generic Shell Backdoor Detected
- Weak SSH Encryption Algorithms Supported
- Weak SSH Hashing Algorithms Supported
- Weak SSH Key Exchange Algorithms Supported
- WebDAV Detected
- Webmin Race Condition Vulnerability through the Read Mail module (CVE-2015-1377)
- Unencrypted Communication Channel Accessibility
- Database Accessibility
- Database Accessibility
- NetBIOS Accessibility
- Unix R-Services Accessibility
- Unix R-Services Accessibility
- Unix Utility Services Accessibility
- Unix Utility Services Accessibility
- Windows DCE Service Accessibility
- Unix/Linux RPC Service Accessibility
- Windows Networking Services Accessibility
- Remote Access Service Detected
ISC
- A crafted dns query could cause a Denial of Service in ISC BIND 9 with DNSSEC and recursion enabled. (CVE-2015-4620)
Microsoft
OpenSSL
- OpenSSL Alternative Chains Certificate Forgery Vulnerability (CVE-2015-1793)
Oracle
- Oracle Fusion Middleware July 2015 CPU (CVE-2013-2186, CVE-2014-1568, CVE-2014-3566, CVE-2014-3567, CVE-2014-3571, CVE-2014-7809, CVE-2015-0286, CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-1926, CVE-2015-2593, CVE-2015-2598, CVE-2015-2623, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, CVE-2015-2658, CVE-2015-4742, CVE-2015-4744, CVE-2015-4747, CVE-2015-4751, CVE-2015-4758, CVE-2015-4759)
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.