While some of the team is already out in Vegas for Black Hat, the rest of us have been in the office, slaving away to bring you an update to the TrustKeeper scan engine before we head out there for DEF CON.
This update includes more than a dozen new vulnerability tests, as well as seven new fingerprints for web applications, including several for various applications from the Horde Project. The new vulnerability tests include ones for several recent vulns in Microsoft SharePoint, WordPress and PHP. We also added detection for web-server log files, which some people and some misconfigurations make publically accessible.
This release also marks the introduction of our next-generation web-application scanning module, which will initially be undergoing testing alongside our existing web app scanner. Our internal testing has shown it to be a significant improvement over the existing scanner (phew!), but we're going to put it through broader external testing before we remove the legacy scanning module.
That's it for now. If you're in Las Vegas this week, come find us and chat us up. We'll be the ones in spider shirts.
New Vulnerability Test Highlights
Some of the more interesting vulnerability tests we added recently are as follows:
Apache
* Apache Tomcat Null-Byte Source Code Disclosure Vulnerability (CVE-2005-4836)
Generic
* Accessible Log Files Detected
Microsoft
* Vulnerabilities in SharePoint Could Allow Elevation of Privilege (MS12-050) (CVE-2012-1858, CVE-2012-1859, CVE-2012-1860, CVE-2012-1861, CVE-2012-1862, CVE-2012-1863)
* Vulnerabilities in GDI+ Could Allow Remote Code Execution (MS09-062) (CVE-2009-2500, CVE-2009-2501, CVE-2009-2502, CVE-2009-2503, CVE-2009-2504, CVE-2009-2518, CVE-2009-2528, CVE-2009-3126)
PHP
* PHP phar Extension Heap Overflow and Denial of Service Vulnerability (CVE-2012-2386)
Samba
* Samba SWAT Logfile Symlink Vulnerability (CVE-2000-0935)
WordPress
* WordPress < 3.1.1 XSS Vulnerability (CVE-2011-4956)
* WordPress make_clickable Function Recursive Call Denial of Service Vulnerability (CVE-2011-4957)
* WordPress Plugins Restriction Bypass Vulnerability (CVE-2012-2402)
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates "auto-magically" as soon as an update is available. No action is required.