Summary
The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!
New Vulnerability Test Highlights
- Coverage for 9 new vulnerabilities for ClamAV, cPanel, FreeBSD, VMware, MongoDB and OpenSSL.
- Coverage for Microsoft Windows August 2019 Patch Tuesday
Some of the more interesting vulnerability tests we added recently are as follows:
ClamAV
- ClamAV Non-Recursive Zip Bomb Resource Exhaustion Vulnerability
cPanel
- cPanel Multiple Vulnerabilities (TSR-2019-0001) (CVE-2019-14414, CVE-2019-14413, CVE-2019-14412, CVE-2019-14411, CVE-2019-14410, CVE-2019-14409, CVE-2019-14408, CVE-2019-14407)
- cPanel Multiple Vulnerabilities (TSR-2019-0002) (CVE-2019-14406, CVE-2019-14405, CVE-2019-14404, CVE-2019-14403, CVE-2019-14402, CVE-2019-14401, CVE-2019-14400, CVE-2019-14399)
FreeBSD
- FreeBSD bhyve Out-of-bounds Read Vulnerability (FreeBSD-SA-19:16.bhyve) (CVE-2019-5604)
MongoDB
- MongoDB Mongo Shell Function Overriding Vulnerability (SERVER-9131)
- MongoDB Server Arbitrary Code Execution Vulnerability (SERVER-9124) (CVE-2013-1892)
- MongoDB Server Buffer Over-Read Vulnerability (SERVER-7769) (CVE-2012-6619)
OpenSSL
- OpenSSL MinGW Insecure Default Configuration Path Vulnerability (CVE-2019-1552)
VMware
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.