TrustKeeper Scan Engine Update for July 04, 2018

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Cisco

• Cisco ASA Clientless SSL VPN Cross-Site Scripting Vulnerability (CSCvh20742) ( CVE-2018-0251)

ClamAV

• ClamAV clamscan/manager.c Denial of Service Vulnerability ( CVE-2013-6497)
• ClamAV cli_scanpe function (in pe.c) Inappropriate Heap Read Vulnerability ( CVE-2013-2020)
• ClamAV cli_scanpe Function (in pe.c) Remote Code Execution Vulnerability ( CVE-2014-9050)
• ClamAV cli_untar Function (in untar.c) Insufficient TAR Validation Vulnerability ( CVE-2012-1457)
• ClamAV cli_untar Function (in untar.c) TAR File Length Field Vulnerability ( CVE-2012-1459)
• ClamAV Encrypted PDF Out-of-Bounds Read Vulnerability ( CVE-2013-2021)
• ClamAV lzx_decompress Function (in mspack.c) Insufficient CHM Validation Vulnerability ( CVE-2012-1458)
• ClamAV messageAddArgument Function (in message.c) Out-of-Bounds Read Vulnerability ( CVE-2017-6418)
• ClamAV Multiple 7z-Packed Executable Parser Vulnerabilities ( CVE-2016-1372)
• ClamAV Multiple MEW-Packed Executable Parser Vulnerabilities ( CVE-2016-1371)
• ClamAV pefromupx Function (in upx.c) Integer Overflow Vulnerability ( CVE-2015-1462)
• ClamAV Petite File Unpacker Vulnerability ( CVE-2015-1463)
• ClamAV TAR File '[aliases]' Byte Prefix Vulnerability ( CVE-2012-1419)
• ClamAV unupack Function (in upack.c) Out-of-Bounds Read Vulnerability ( CVE-2014-9328)
• ClamAV UPX Executable Parser Integer Overflow Vulnerability ( CVE-2015-2170)
• ClamAV wwunpack Function (in wwunpack.c) Use-After-Free Vulnerability ( CVE-2017-6420)
• ClamAV Y0da Cryptor and Mew File Unpacker Vulnerabilities ( CVE-2015-1461)

ISC

• ISC BIND serve-stale Implementation Assertion Failure Denial of Service (AA-01606) ( CVE-2018-5737)
• ISC BIND Unauthorized Clients Permitted to Perform Recursive Queries (AA-01616) ( CVE-2018-5738)
• ISC BIND Zone Reference Count Denial of Service Vulnerability (AA-01602) ( CVE-2018-5736)

phpMyAdmin

• phpMyAdmin sql.php Cross-Site Request Forgery Vulnerability PMASA-2018-2 ( CVE-2018-10188)

Postfix

• Postfix DB_CONFIG Privilege Escalation Vulnerability ( CVE-2017-10140)

Ruby

• Ruby Dir class Directory Traversal Vulnerability ( CVE-2018-8780)
• Ruby Dir.mktmpdir Unintentional Directory Creation Vulnerability ( CVE-2018-6914)
• Ruby String#unpack Buffer Under-read Vulnerability ( CVE-2018-8778)
• Ruby UNIXServer and UNIXServer Unintentional Socket Creation Vulnerability ( CVE-2018-8779)
• Ruby WEBrick Denial of Service Vulnerability ( CVE-2018-8777)
• Ruby WEBrick HTTP Response Splitting Vulnerability ( CVE-2017-17742)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.