Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for September 17, 2020

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!


New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Dell IDRAC

FreeBSD

  • FreeBSD dhclient Heap Overflow Vulnerability (FreeBSD-SA-20:26.dhclient) (CVE-2020-7461)
  • FreeBSD IPv6 Hop-by-Hop Use-After-Free Vulnerability (FreeBSD-SA-20:24.ipv6) (CVE-2020-7462)
  • FreeBSD SCTP Socket Use-After-Free Vulnerability (FreeBSD-SA-20:25.sctp) (CVE-2020-7463)

Joomla

  • Joomla Core com_content Vote Feature Open Redirect (20200802) (CVE-2020-24598)
  • Joomla Core com_media Directory Traversal (20200803) (CVE-2020-24597)
  • Joomla Core mod_latestactions Cross-Site Scripting (20200801) (CVE-2020-24599)

Microsoft

MongoDB

OpenSSL

  • OpenSSL DH Ciphersuite Timing Attack Vulnerability (Raccoon Attack) (CVE-2020-1968)

Red Hat (Credentialed Checks)

Ubuntu (Credentialed Checks)

WordPress

  • Wordpress wp-file-manager plugin Arbitrary File Upload Vulnerability (CVE-2020-25213)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.