The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Highlights of the release include new checks for 20 vulnerabilities
New Vulnerability Test Highlights
Juniper NetScreen ScreenOS DNS Lookup Denial of Service (CVE-2014-3813)
Juniper NetScreen ScreenOS Malformed IPv6 Packets Denial of Service (CVE-2014-3814)
OpenSSL Bignum squaring may produce incorrect results (CVE-2014-3570)
OpenSSL Certificate fingerprints can be modified (CVE-2014-8275)
OpenSSL DH client certificates accepted without verification (CVE-2015-0205)
OpenSSL DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
OpenSSL DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
OpenSSL MiTM Vulnerability in ssl23_get_client_hello function (CVE-2014-3511)
OpenSSL no-ssl3 configuration sets method to NULL (CVE-2014-3569)
phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in ENUM value (CVE-2014-7217)
Zimbra Local File Include Vulnerability (CVE-2013-7091)
How to Update?
All Trustwave customers using the TrustKeeper scan engine receive the updates automatically as soon as an update is available. No action is required.