Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for October 12, 2020

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!


New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Atlassian Jira

  • Atlassian Jira browse.PROJECTKEY Information Disclosure Vulnerability (CVE-2020-14178)
  • Atlassian Jira ViewUserHover.jspa Information Disclosure Vulnerability (CVE-2020-14181)

CentOS (Credentialed Checks)

  • CentOS Installed Packages
  • CentOS Operating System Detected

cPanel

Debian (Credentialed Checks)

FreeBSD

  • FreeBSD bhyve Privilege Escalation Vulnerability (FreeBSD-SA-20:28.bhyve_vmcs) (CVE-2020-24718)
  • FreeBSD bhyve Privilege Escalation Vulnerability (FreeBSD-SA-20:29.bhyve_svm) (CVE-2020-7467)
  • FreeBSD ftpd Privilege Escalation Vulnerability (FreeBSD-SA-20:30.ftpd) (CVE-2020-7468)
  • FreeBSD ure Driver Packet Injection Vulnerability (FreeBSD-SA-20:27.ure) (CVE-2020-7464)

Microsoft

  • Microsoft Windows 10 Version 1507 End Of Life
  • Microsoft Windows 10 Version 1511 End Of Life
  • Microsoft Windows 10 Version 1607 End Of Life
  • Microsoft Windows 10 Version 1703 End Of Life
  • Windows Credentialed Scanning Insecure Service Permissions

PHP

  • PHP PHAR phar_parse_zipfile Use After Free Vulnerability (CVE-2020-7068)

Red Hat (Credentialed Checks)

Ubuntu (Credentialed Checks)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.