Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for May 07, 2020

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!


New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

FreeBSD

  • FreeBSD ipfw Invalid mbuf Handling Vulnerability (FreeBSD-SA-20:10.ipfw) (CVE-2019-5614, CVE-2019-15874)
  • FreeBSD openssl Remote Denial of Service Vulnerability (FreeBSD-SA-20:11.openssl) (CVE-2020-1967)

Joomla

  • Joomla Incorrect Access Control In com_users Access Level Deletion Function Vulnerability (20200403) (CVE-2020-11889)
  • Joomla Incorrect Access Control In com_users Access Level Editing Function Vulnerability (20200401) (CVE-2020-11891)
  • Joomla Missing Checks for The Root Usergroup in Usergroup Table Vulnerability (20200402) (CVE-2020-11890)

Magento

  • Magento 2.x Detected

Microsoft

MySQL

NTP

  • NTP ntpd server mode packet Denial Of Service Vulnerability (Bug 3592) (CVE-2020-11868)

OpenSSL

  • OpenSSL SSL_check_chain NULL Pointer Dereference (CVE-2020-1967)

Oracle

PHP

Protocols

  • SMB Signing Not Required By Server

Pulse Secure

Squid

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.