TrustKeeper Scan Engine Update for July 23, 2019

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Cisco

• Cisco ASA and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability (cisco-sa-20190501-asa-ftd-ike-dos) (CVE-2019-1708)
• Cisco ASA Cross-Site Request Forgery Vulnerability (cisco-sa-20190501-asa-csrf) (CVE-2019-1713)
• Cisco ASA IPsec Denial of Service Vulnerability (cisco-sa-20190501-asa-ipsec-dos) (CVE-2019-1706)
• Cisco ASA Low-Entropy Keys Vulnerability (cisco-sa-20190501-asa-ftd-entropy) (CVE-2019-1715)
• Cisco ASA VPN SAML Authentication Bypass Vulnerability (cisco-sa-20190501-asaftd-saml-vpn) (CVE-2019-1714)
• Cisco ASA WebVPN Cross-Site Scripting Vulnerability (cisco-sa-20180418-asawvpn) (CVE-2018-0242)

Atlassian

• Atlassian JIRA - Epic Name Ordering Denial of Service Vulnerability (CVE-2019-11583)
• Atlassian JIRA - Server-Side Template Injection Vulnerability (CVE-2019-11581)

VMWare

• Missing VMware ESXi Patch (VMSA-2019-0011) (CVE-2019-5528)

FreeBSD

• FreeBSD iconv Buffer Overflow Vulnerability (FreeBSD-SA-19:09.iconv) (CVE-2019-5600)
• FreeBSD Kernel CD Driver Privilege Escalation Vulnerability (FreeBSD-SA-19:11.cd_ioctl) (CVE-2019-5602)
• FreeBSD Kernel UFS/FFS Stack Disclosure Vulnerability (FreeBSD-SA-19:10.ufs) (CVE-2019-5601)

Microsoft

• Microsoft Exchange Information Disclosure Vulnerability (2019-Jul) (CVE-2019-1084)
• Microsoft Exchange Server 2019 Unsupported Cumulative Update
• Microsoft Exchange Server Elevation of Privilege Vulnerability (2019-Jul) (CVE-2019-1136)
• Microsoft Exchange Server Spoofing Vulnerability (2019-Jul) (CVE-2019-1137)
• Microsoft SQL Server Remote Code Execution Vulnerability (2019-Jul) (CVE-2019-1068)

MySQL

• MySQL Critical Patch Update - July 2019 (CVE-2019-2731, CVE-2019-2730, CVE-2019-2879, CVE-2019-2834, CVE-2019-2830, CVE-2019-2826, CVE-2019-2822, CVE-2019-2819, CVE-2019-2815, CVE-2019-2814, CVE-2019-2812, CVE-2019-2811, CVE-2019-2810, CVE-2019-2808, CVE-2019-2805, CVE-2019-2803, CVE-2019-2802, CVE-2019-2801, CVE-2019-2800, CVE-2019-2797, CVE-2019-2796, CVE-2019-2795, CVE-2019-2791, CVE-2019-2789, CVE-2019-2785, CVE-2019-2784, CVE-2019-2780, CVE-2019-2778, CVE-2019-2774, CVE-2019-2758, CVE-2019-2757, CVE-2019-2752, CVE-2019-2741, CVE-2019-2740, CVE-2019-2739, CVE-2019-2738, CVE-2019-2737, CVE-2019-3822, CVE-2019-2798, CVE-2019-2755, CVE-2019-2747, CVE-2019-2746, CVE-2019-2743)

Oracle

• Oracle Database CPU July 2019 Advisory (CVE-2019-2799, CVE-2019-2776, CVE-2019-2753, CVE-2018-15769, CVE-2018-11057, CVE-2018-11056, CVE-2018-11055, CVE-2018-11054, CVE-2016-9572, CVE-2016-8610, CVE-2016-6306, CVE-2016-2183, CVE-2016-0701, CVE-2018-11058, CVE-2019-2749, CVE-2019-2569)
• Oracle Enterprise Manager CPU July 2019 (CVE-2018-11775, CVE-2018-8039, CVE-2019-0222, CVE-2019-1559)
• Oracle Weblogic Server - Web Services XMLDecoder Deserialization Remote Code Execution Vulnerability (CVE-2019-2729)

Squid

• Squid cachemgr.cgi Cross Site Scripting Vulnerability (CVE-2019-13345)
• Squid HTTP Basic Authentication Denial of Service Vulnerability (SQUID-2019:2) (CVE-2019-12529)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.