Web Application Security – ModSecurity Commercial Rules, Update for December 2022 | Trustwave

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

• Apache Tomcat FileStore Local Privilege Escalation Vulnerability (CVE-2022-23181)

CentOS (Credentialed Scanning)

• CentOS Linux firefox security update (CESA-2022:0510) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)

Debian (Credentialed Scanning)

• Debian chromium Security Update (DSA-5079-1) (CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606, CVE-2022-0607, CVE-2022-0608, CVE-2022-0609, CVE-2022-0610)
• Debian cryptsetup Security Update (DSA-5070-1) (CVE-2021-4122)
• Debian debian-edu-config LTS Security Update (DLA-2918-1) (CVE-2021-20001)
• Debian debian-edu-config Security Update (DSA-5072-1) (CVE-2021-20001)
• Debian expat Security Update (DSA-5073-1) (CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-23990)
• Debian firefox-esr LTS Security Update (DLA-2916-1) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)
• Debian firefox-esr Security Update (DSA-5069-1) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)
• Debian h2database LTS Security Update (DLA-2923-1) (CVE-2021-42392, CVE-2022-23221)
• Debian h2database Security Update (DSA-5076-1) (CVE-2021-42392, CVE-2022-23221)
• Debian libraw LTS Security Update (DLA-2903-1) (CVE-2017-14608, CVE-2017-16909, CVE-2017-16910, CVE-2018-20363, CVE-2018-20364, CVE-2018-20365, CVE-2018-5800, CVE-2018-5801, CVE-2018-5802, CVE-2018-5804, CVE-2018-5805, CVE-2018-5806, CVE-2018-5807, CVE-2018-5808, CVE-2018-5810, CVE-2018-5811, CVE-2018-5812, CVE-2018-5813, CVE-2018-5815, CVE-2018-5817, CVE-2018-5818, CVE-2018-5819)
• Debian librecad Security Update (DSA-5077-1) (CVE-2021-21898, CVE-2021-21899, CVE-2021-21900, CVE-2021-45341, CVE-2021-45342, CVE-2021-45343)
• Debian libxstream-java LTS Security Update (DLA-2924-1) (CVE-2021-43859)
• Debian minetest Security Update (DSA-5075-1) (CVE-2022-24300, CVE-2022-24301)
• Debian openjdk-8 LTS Security Update (DLA-2917-1) (CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21349, CVE-2022-21360, CVE-2022-21365)
• Debian pgbouncer LTS Security Update (DLA-2922-1) (CVE-2021-3935)
• Debian php7.4 Security Update (DSA-5082-1) (CVE-2021-21707, CVE-2021-21708)
• Debian python2.7 LTS Security Update (DLA-2919-1) (CVE-2021-3177, CVE-2021-4189)
• Debian redis Security Update (DSA-5081-1) (CVE-2022-0543)
• Debian samba Security Update (DSA-5071-1) (CVE-2021-44142, CVE-2022-0336)
• Debian snapd Security Update (DSA-5080-1) (CVE-2021-44730, CVE-2021-44731)
• Debian thunderbird LTS Security Update (DLA-2921-1) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)
• Debian thunderbird Security Update (DSA-5074-1) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)
• Debian twisted LTS Security Update (DLA-2927-1) (CVE-2020-10108, CVE-2020-10109, CVE-2022-21712)
• Debian varnish LTS Security Update (DLA-2920-1) (CVE-2022-23959)
• Debian webkit2gtk Security Update (DSA-5083-1) (CVE-2022-22589, CVE-2022-22590, CVE-2022-22592, CVE-2022-22620)
• Debian wpewebkit Security Update (DSA-5084-1) (CVE-2022-22589, CVE-2022-22590, CVE-2022-22592, CVE-2022-22620)
• Debian zsh LTS Security Update (DLA-2926-1) (CVE-2021-45444)
• Debian zsh Security Update (DSA-5078-1) (CVE-2021-45444)

Fedora (Credentialed Scanning)

• Fedora containerd Security Update (FEDORA-2022-f668c3d70d) (CVE-2021-43816)
• Fedora cyrus-imapd Security Update (FEDORA-2022-d45bcc5447) (CVE-2021-32056, CVE-2021-33582)
• Fedora ipython Security Update (FEDORA-2022-b9e38f8a56) (CVE-2022-21699)
• Fedora java-1.8.0-openjdk Security Update (FEDORA-2022-b706eef225) (CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21349, CVE-2022-21360, CVE-2022-21365)
• Fedora kernel Security Update (FEDORA-2022-df17aabb12) (CVE-2022-0435, CVE-2022-0516)
• Fedora lua Security Update (FEDORA-2022-473560d1a6) (CVE-2021-43519, CVE-2021-44647)
• Fedora mingw-expat Security Update (FEDORA-2022-d2abd0858e) (CVE-2022-23990)
• Fedora mingw-gdk-pixbuf Security Update (FEDORA-2022-a16e5d72fc) (CVE-2021-44648)
• Fedora Multiple Packages Security Update (FEDORA-2022-08d7ee21f7) (CVE-2021-45341, CVE-2021-45342, CVE-2021-45343)
• Fedora phoronix-test-suite Security Update (FEDORA-2022-43f11039b2) (CVE-2022-0157, CVE-2022-0196, CVE-2022-0197, CVE-2022-0238)
• Fedora php-laminas-form Security Update (FEDORA-2022-a42e97d8e8) (CVE-2022-23598)
• Fedora php-twig2 Security Update (FEDORA-2022-47293b1d23) (CVE-2022-23614)
• Fedora php-twig3 Security Update (FEDORA-2022-167b9becef) (CVE-2022-23614)
• Fedora podman Security Update (FEDORA-2021-6bd024d2a7) (CVE-2021-4024)
• Fedora python-rencode Security Update (FEDORA-2022-02340931ec) (CVE-2021-40839)
• Fedora rust-afterburn Security Update (FEDORA-2022-06569a0a60) (CVE-2022-21658)
• Fedora snapd Security Update (FEDORA-2022-82bea71e5a) (CVE-2021-4120, CVE-2021-44730, CVE-2021-44731)
• Fedora xen Security Update (FEDORA-2022-0cc3916e08) (CVE-2022-23033, CVE-2022-23034, CVE-2022-23035)
• Fedora xrdp Security Update (FEDORA-2022-4283d4695d) (CVE-2022-23613)
• Fedora xstream Security Update (FEDORA-2022-ad5cf1c0dd) (CVE-2021-43859)
• Fedora xterm Security Update (FEDORA-2022-965978ed67) (CVE-2022-24130)
• Fedora zziplib Security Update (FEDORA-2022-8109b472a3) (CVE-2020-18442)

Google Chrome Browser (Credentialed Scanning)

• Google Chrome Browser Update Missing (01_02_22) (CVE-2022-0452, CVE-2022-0453, CVE-2022-0454, CVE-2022-0455, CVE-2022-0456, CVE-2022-0457, CVE-2022-0458, CVE-2022-0459, CVE-2022-0460, CVE-2022-0461, CVE-2022-0462, CVE-2022-0463, CVE-2022-0464, CVE-2022-0465, CVE-2022-0466, CVE-2022-0467, CVE-2022-0468, CVE-2022-0469, CVE-2022-0470)
• Google Chrome Browser Update Missing (04_01_22) (CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099, CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103, CVE-2022-0104, CVE-2022-0105, CVE-2022-0106, CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113, CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117, CVE-2022-0118, CVE-2022-0120, CVE-2022-0337)
• Google Chrome Browser Update Missing (19_01_22) (CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292, CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296, CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301, CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306, CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310, CVE-2022-0311)

pfSense

• pfSense pkg.php Privilege Escalation Vulnerability (CVE-2022-23993)

FreeBSD

• FreeBSD chromium Security Update (e12432af-8e73-11ec-8bc4-3065ec8fd3ec) (CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606, CVE-2022-0607, CVE-2022-0608, CVE-2022-0609, CVE-2022-0610)
• FreeBSD go Security Update (096ab080-907c-11ec-bb14-002324b2fba8) (CVE-2022-23772, CVE-2022-23773, CVE-2022-23806)
• FreeBSD jenkins Security Update (0b0ad196-1ee8-4a98-89b1-4d5d82af49a9) (CVE-2021-43859, CVE-2022-0538)
• FreeBSD libmysoft Security Update (4d763c65-9246-11ec-9aa3-4ccc6adda413) (CVE-2021-3756)
• FreeBSD MariaDB Security Update (27bf9378-8ffd-11ec-8be6-d4c9ef517024) (CVE-2021-46661, CVE-2021-46663, CVE-2021-46664, CVE-2021-46665, CVE-2021-46668)
• FreeBSD MariaDB Security Update (ff5606f7-8a45-11ec-8be6-d4c9ef517024) (CVE-2021-46659, CVE-2022-24048, CVE-2022-24050, CVE-2022-24051, CVE-2022-24052)
• FreeBSD Qt5 Security Update (43ae57f6-92ab-11ec-81b4-2cf05d620ecc) (CVE-2022-25255)
• FreeBSD zsh Security Update (d923fb0c-8c2f-11ec-aa85-0800270512f4) (CVE-2021-45444)

Red Hat (Credentialed Checks)

• Red Hat Enterprise Linux .NET 5.0 security and bugfix update (RHSA-2022:0495) (CVE-2022-21986)
• Red Hat Enterprise Linux .NET 6.0 security and bugfix update (RHSA-2022:0496) (CVE-2022-21986)
• Red Hat Enterprise Linux 389-ds-base security and bug fix update (RHSA-2022:0628) (CVE-2021-4091)
• Red Hat Enterprise Linux aide security update (RHSA-2022:0473) (CVE-2021-45417)
• Red Hat Enterprise Linux cyrus-sasl security update (RHSA-2022:0658) (CVE-2022-24407)
• Red Hat Enterprise Linux firefox security update (RHSA-2022:0510) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)
• Red Hat Enterprise Linux firefox security update (RHSA-2022:0514) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)
• Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2022:0620) (CVE-2020-0465, CVE-2020-0466, CVE-2021-0920, CVE-2021-3564, CVE-2021-3573, CVE-2021-3752, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942)
• Red Hat Enterprise Linux kpatch-patch security update (RHSA-2022:0592) (CVE-2020-0466, CVE-2021-0920, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942)
• Red Hat Enterprise Linux nodejs14 security bug fix and enhancement update (RHSA-2022:0350) (CVE-2020-28469, CVE-2020-7788, CVE-2021-22959, CVE-2021-22960, CVE-2021-33502, CVE-2021-37701, CVE-2021-37712, CVE-2021-3807, CVE-2021-3918)
• Red Hat Enterprise Linux openldap security update (RHSA-2022:0621) (CVE-2020-25709, CVE-2020-25710)
• Red Hat Enterprise Linux python-pillow security update (RHSA-2022:0609) (CVE-2022-22816, CVE-2022-22817)
• Red Hat Enterprise Linux python-pillow security update (RHSA-2022:0643) (CVE-2022-22816, CVE-2022-22817)
• Red Hat Enterprise Linux ruby:2.5 security update (RHSA-2022:0545) (CVE-2020-36327)
• Red Hat Enterprise Linux ruby:2.6 security update (RHSA-2022:0543) (CVE-2020-36327, CVE-2021-31799, CVE-2021-31810, CVE-2021-32066, CVE-2021-41817, CVE-2021-41819)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2022:0535) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2022:0538) (CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764)

Ubuntu (Credentialed Checks)

• Ubuntu c3p0 vulnerability (USN-5293-1) (CVE-2019-5427)
• Ubuntu Expat vulnerabilities (USN-5288-1) (CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25236)
• Ubuntu Linux kernel (GKE) vulnerabilities (USN-5297-1) (CVE-2021-39685, CVE-2021-4083, CVE-2021-4155, CVE-2021-4202, CVE-2021-43975, CVE-2022-0330, CVE-2022-22942)
• Ubuntu Linux kernel (HWE) vulnerabilities (USN-5295-1) (CVE-2021-22600, CVE-2021-4083, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942)
• Ubuntu Linux kernel vulnerabilities (USN-5294-2) (CVE-2021-22600, CVE-2021-39685, CVE-2021-4083, CVE-2021-4155, CVE-2021-4202, CVE-2021-43975, CVE-2022-0330, CVE-2022-22942)
• Ubuntu Linux kernel vulnerabilities (USN-5295-2) (CVE-2021-22600, CVE-2021-4083, CVE-2021-4155, CVE-2022-0330, CVE-2022-22942)
• Ubuntu Linux kernel vulnerabilities (USN-5298-1) (CVE-2021-22600, CVE-2021-28711, CVE-2021-28712, CVE-2021-28713, CVE-2021-28714, CVE-2021-28715, CVE-2021-39685, CVE-2021-4083, CVE-2021-4155, CVE-2021-4202, CVE-2022-0330, CVE-2022-22942)
• Ubuntu snapd vulnerabilities (USN-5292-2) (CVE-2021-3155, CVE-2021-4120, CVE-2021-44730, CVE-2021-44731)

WordPress

• WordPress Update URI plugin Arbitrary Code Execution (CVE-2021-44223)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.