Security Resources

Software Updates

TrustKeeper Scan Engine Update – October 1, 2014

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. A highlight of the update is an additional check for the recently disclosed Shellshock vulnerability in GNU Bash (CVE-2014-6271) via the Pure-FTPd vector. Total, this release includes five new checks with coverage for more than a dozen vulnerabilities.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Joomla

  • Joomla! Host Header Cross Site Scripting Vulnerability (CVE-2012-3828)
  • Joomla! Host Header Installation Path Disclosure Vulnerability (CVE-2012-3829)

Oracle

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.