TrustKeeper Scan Engine Update for January 28, 2022

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

• Apache HTTP ProxyRequests NULL Pointer Dereference Vulnerability (CVE-2021-44224)
• Apache HTTP Server ap_escape_quotes Buffer Overflow Vulnerability (CVE-2021-39275)
• Apache HTTP Server mod_lua Buffer Overflow Vulnerability (CVE-2021-44790)

Atlassian Jira

• Atlassian Jira File Replication Settings Broken Access Control Vulnerability (CVE-2021-41308)
• Atlassian Jira ImporterFinishedPage Cross-Site Scripting Vulnerability (CVE-2021-41304)
• Atlassian Jira Status Gadget (Average Number of Times) Insecure Direct Object Reference Vulnerability (CVE-2021-41305)
• Atlassian Jira Status Gadget (Average Time) Insecure Direct Object Reference Vulnerability (CVE-2021-41306)
• Atlassian Jira Workload Pie Chart Insecure Direct Object Reference Vulnerability (CVE-2021-41307)

CentOS

• CentOS Linux grafana security update (CESA-2022:0001) (CVE-2021-44716)
• CentOS Linux xorg-x11-server Security Update (CESA-2022:0003) (CVE-2021-4008, CVE-2021-4009, CVE-2021-4010, CVE-2021-4011)

Debian

• Debian apache2 Security Update (DSA-5035-1) (CVE-2021-44224, CVE-2021-44790)
• Debian ghostscript Security Update (DSA-5038-1) (CVE-2021-45944, CVE-2021-45949)
• Debian roundcube Security Update (DSA-5037-1) (CVE-2021-46144)
• Debian salt LTS Security Update (DLA-2480-2) (CVE-2020-16846, CVE-2020-28243, CVE-2021-25282, CVE-2021-25284, CVE-2021-3197)
• Debian sphinxsearch Security Update (DSA-5036-1) (CVE-2020-29050)
• Debian thunderbird LTS Security Update (DLA-2874-1) (CVE-2021-38496, CVE-2021-38500, CVE-2021-38502, CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509, CVE-2021-4126, CVE-2021-43528, CVE-2021-43529, CVE-2021-43534, CVE-2021-43535, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546, CVE-2021-44538)
• Debian thunderbird Security Update (DSA-5034-1) (CVE-2021-38496, CVE-2021-38500, CVE-2021-38502, CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509, CVE-2021-4126, CVE-2021-43528, CVE-2021-43529, CVE-2021-43534, CVE-2021-43535, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546, CVE-2021-44538)

Fedora

• Fedora chromium Security Update (FEDORA-2021-6a292e2cf4) (CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-38000, CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004, CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008, CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012, CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016, CVE-2021-38017, CVE-2021-38018, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021, CVE-2021-38022, CVE-2021-4052, CVE-2021-4053, CVE-2021-4054, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057, CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062, CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066, CVE-2021-4067, CVE-2021-4068, CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101, CVE-2021-4102)
• Fedora golang Security Update (FEDORA-2021-6fdc5ea304) (CVE-2021-44716, CVE-2021-44717)
• Fedora kernel Security Update (FEDORA-2021-c387682aa1) (CVE-2021-45469)
• Fedora libgda Security Update (FEDORA-2021-084f819da6) (CVE-2021-39359)
• Fedora log4j Security Update (FEDORA-2021-1bd9151bab) (CVE-2021-44832)
• Fedora log4j Security Update (FEDORA-2021-5c9d12a93e) (CVE-2021-44228, CVE-2021-45046)
• Fedora mingw-binutils Security Update (FEDORA-2021-f2c6802743) (CVE-2021-45078)
• Fedora Multiple Packages Security Update (FEDORA-2021-dd7960de3c) (CVE-2021-3982)
• Fedora toxcore Security Update (FEDORA-2021-8b746a32c5) (CVE-2021-44847)
• Fedora xorg-x11-server Security Update (FEDORA-2021-664a6554a1) (CVE-2021-4008, CVE-2021-4009, CVE-2021-4010, CVE-2021-4011)
• Fedora xorg-x11-server-Xwayland Security Update (FEDORA-2021-69e96c8f68) (CVE-2021-4008, CVE-2021-4009, CVE-2021-4010, CVE-2021-4011)

Pulse Connect Secure

• Pulse Connect Secure Dsagentd Denial of Service Vulnerability (CVE-2021-22965)

FreeBSD

• FreeBSD Mbed TLS Security Update (c1b2b492-6999-11ec-a50c-001cc0382b2f) (CVE-2021-44732)
• FreeBSD minio Security Update (a4ff3673-d742-4b83-8c2b-3ddafe732034) (CVE-2021-43858)
• FreeBSD opendmarc Security Update (937aa1d6-685e-11ec-a636-000c29061ce6) (CVE-2019-16378, CVE-2019-20790, CVE-2020-12272, CVE-2020-12460)
• FreeBSD opendmarc Security Update (ede832bf-6576-11ec-a636-000c29061ce6) (CVE-2021-34555)
• FreeBSD OpenSearch Security Update (b0f49cb9-6736-11ec-9eea-589cfc007716) (CVE-2021-45046)
• FreeBSD OpenSearch Security Update (d1be3d73-6737-11ec-9eea-589cfc007716) (CVE-2021-45105)
• FreeBSD Pillow Security Update (ed8a4215-675c-11ec-8dd4-a0f3c100ae18) (CVE-2021-23437)

MongoDB

• MongoDB applyOps Improper Input Validation Vulnerability (SERVER-36263) (CVE-2021-20330)
• MongoDB invariant Reachable Assertion Vulnerability (SERVER-59071) (CVE-2021-32037)

Red Hat (Credentialed Checks)

• Red Hat Enterprise Linux grafana security update (RHSA-2022:0001) (CVE-2021-44716)
• Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2022:0063) (CVE-2020-25704, CVE-2020-36322, CVE-2021-42739)
• Red Hat Enterprise Linux openssl security update (RHSA-2022:0064) (CVE-2021-3712)
• Red Hat Enterprise Linux webkitgtk4 security update (RHSA-2022:0059) (CVE-2021-30858)
• Red Hat Enterprise Linux xorg-x11-server security update (RHSA-2022:0003) (CVE-2021-4008, CVE-2021-4009, CVE-2021-4010, CVE-2021-4011)

Ubuntu (Credentialed Checks)

• Ubuntu Apache HTTP Server vulnerabilities (USN-5212-1) (CVE-2021-44224, CVE-2021-44790)
• Ubuntu Django vulnerabilities (USN-5204-1) (CVE-2021-45115, CVE-2021-45116, CVE-2021-45452)
• Ubuntu Linux kernel (OEM) vulnerabilities (USN-5207-1) (CVE-2021-4001, CVE-2021-4002, CVE-2021-42739, CVE-2021-43267)
• Ubuntu Linux kernel (OEM) vulnerability (USN-5206-1) (CVE-2021-4002)
• Ubuntu Linux kernel vulnerabilities (USN-5208-1) (CVE-2021-20321, CVE-2021-3760, CVE-2021-4002, CVE-2021-41864, CVE-2021-43056, CVE-2021-43267, CVE-2021-43389)
• Ubuntu Linux kernel vulnerabilities (USN-5209-1) (CVE-2021-20317, CVE-2021-20321, CVE-2021-3760, CVE-2021-4002, CVE-2021-41864, CVE-2021-43389)
• Ubuntu Linux kernel vulnerabilities (USN-5210-1) (CVE-2020-26541, CVE-2021-20321, CVE-2021-3760, CVE-2021-4002, CVE-2021-41864, CVE-2021-43056, CVE-2021-43389)
• Ubuntu WebKitGTK vulnerabilities (USN-5213-1) (CVE-2021-30887, CVE-2021-30890)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.