Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for February 06, 2019

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

  • Apache HTTP Server HTTP/2 Connections Denial of Service Vulnerability (CVE-2018-17189)
  • Apache HTTP Server mod_session_cookie Session Expiry Time Vulnerability (CVE-2018-17199)
  • Apache HTTP Server mod_ssl OpenSSL Remote Denial of Service Vulnerability (CVE-2019-0190)
  • Apache Subversion mod_dav_svn Denial of Service Vulnerability (CVE-2018-11803)

Cisco

  • Cisco ASA Direct Memory Access Denial of Service Vulnerability (cisco-sa-20181003-asa-dma-dos, CSCvj89470) (CVE-2018-15383)
  • Cisco ASA IPsec VPN Denial of Service Vulnerability (cisco-sa-20181003-asa-ipsec-dos, CSCuy57310) (CVE-2018-15397)

Drupal

  • Drupal Core Arbitrary PHP Code Execution Vulnerability (SA-CORE-2019-002) (CVE-2019-6339)
  • Drupal Core Third Party Library Arbitrary File Deletion Vulnerability (SA-CORE-2019-001) (CVE-2018-1000888, CVE-2019-6338)

PhpMyAdmin

  • PhpMyAdmin Arbitrary File Read Vulnerability (PMASA-2019-1) (CVE-2019-6799)
  • PhpMyAdmin Designer feature SQL injection Vulnerability (PMASA-2019-2) (CVE-2019-6798)

Joomla

  • Joomla! Core com_config Stored Cross-Site Scripting Vulnerability (20190103) (CVE-2019-6263)
  • Joomla! Core com_contact Stored Cross-Site Scripting Vulnerability (20190102) (CVE-2019-6261)
  • Joomla! Core HelpButton.php Stored Cross-Site Scripting Vulnerability (20190104) (CVE-2019-6262)
  • Joomla! Core mod_banners Stored Cross-Site Scripting Vulnerability (20190101) (CVE-2019-6264)

MySQL

Oracle

WordPress

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.