Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for June 20, 2018

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Cisco

  • Cisco ASA TLS Denial of Service Vulnerability (cisco-sa-20180418-asa3 and CSCve18902) ( CVE-2018-0231)

cPanel

  • cPanel Multiple Vulnerabilities (TSR-2018-0003)

phpBB

  • phpBB includes/startup.php Cross-Site Scripting Vulnerability ( CVE-2015-1431)
  • phpBB message_options function Cross-Site Request Forgery Vulnerability ( CVE-2015-1432)
  • phpBB redirect function Open Redirect Vulnerability ( CVE-2015-3880)

Webmin

  • Webmin syslog/save_log.cgi Unrestricted Access to Arbitrary Files Vulnerability ( CVE-2018-8712)

PostgreSQL

  • PostgreSQL function pg_logfile_rotate Improper Access Control Vulnerability (2018-05-10 Security Update) ( CVE-2018-1115)

Miscellaneous

  • Remote Registry Accessible (Internal Scan)
  • SMB Null Sessions Supported (Internal Scan)
  • SSL Certificate is Not Trusted (Internal Scan)

FreeBSD

  • FreeBSD Kernel Local Privilege Escalation Vulnerability via Mishandling of Debug Exceptions (FreeBSD-SA-18:06.debugreg) ( CVE-2018-8897)

Squid

  • Squid ESI Response Processing Denial of Service (SQUID-2018:3) ( CVE-2018-1172)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.