LevelBlue Completes Acquisition of Cybereason. Learn more

Request a Demo

LevelBlue Completes Acquisition of Cybereason. Learn more

Submit RFP
Request a Demo
Services
Cyber Advisory
Managed Cloud Security
Data Security
Manage Detection & Response
Email Security
Managed Network Infrastructure Security
Exposure Management
Security Operations Platforms
Incident Readiness & Response
SpiderLabs Threat Intelligence
View All Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Operational Technology
End-to-end OT security
Microsoft Security
Unlock the full power of Microsoft Security
Securing the IoT Landscape
Test, monitor and secure network objects
Why LevelBlue
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
LevelBlue SpiderLabs
Global researchers, ethical hackers, and responders
LevelBlue Security Operations Platforms
Unprecedented security visibility and control
Security Colony
Access to cybersecurity threat protection resources
Partners
Microsoft
Unlock the full power of Microsoft Security
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP

AppDetectivePRO and DbProtect Knowledgebase Updates 4.40 and 4.39

The next updates to our AppDetectivePRO and DbProtect Knowledgebase are now available.

Knowledgebase version 4.40 includes checks for new vulnerabilities and configuration issues in Microsoft SQL Server and Hadoop. Update 4.40 will be the last to support Lotus Notes and Domino.

Version 4.39 included checks for new vulnerabilities and configuration issues in Oracle, MySQL, Microsoft SQL Server, Sybase ASE, IBM DB2 LUW.

See below for highlights and instructions for obtaining the update.

Version 4.40 Vulnerability and Configuration Check Highlights

Microsoft SQL Server

  • Microsoft SQL Server Stack Overrun Vulnerability (CVE-2014-4061)
  • SQL Master Data Services XSS Vulnerability (CVE-2014-1820)

Hadoop

  • Automatic Failover is not enabled on HA cluster
  • Encryption of data on the wire
  • Encrypted Shuffle
  • HTTPS enabled on HDFS

***PLEASE NOTE***: As previously announced, version 4.40 will be the last Knowledgebase update that will support Lotus Notes and Domino.

Version 4.39 Vulnerability and Configuration Check Highlights

Oracle

  • Critical Patch Update/Patch Set Update – July 2014 (CVE-2014-4245, CVE-2014-4237, CVE-2014-4236, CVE-2013-3774, CVE-2013-3751)
  • New Server Information check allows you to gather the current installed version information of all your databases enterprise wide and generate reports.

MySQL

  • Critical Path Update – July 2014 (CVE-2014-4214, CVE-2014-4240, CVE-2014-4233, CVE-2014-4238, CVE-2014-2484, CVE-2014-4207, CVE-2014-2494, CVE-2014-4260, CVE-2014-4258, CVE-2014-4243)

Microsoft SQL Server

  • MS SQL Server 2012 SP2 not installed
  • New Server Information check allows you to gather the current installed version information of all your databases enterprise wide and generate reports.

Sybase ASE

  • New Server Information check allows you to gather the current installed version information of all your databases enterprise wide and generate reports.

IBM DB2 LUW

  • New Server Information check allows you to gather the current installed version information of all your databases enterprise wide and generate reports.

How to Update?

All AppDetectivePRO and DbProtect customers can download and install the latest update by visiting the Trustwave Support Portal and selecting AppDetectivePRO or DbProtect from the drop-down menu. AppDetectivePRO customers can update their deployment by launching the "Updater" within the product.

Latest Software Updates

CVT Deployment 1.111.0-1

Database Security Knowledgebase Update KB 6.54

DbProtect 6.6.13 Now Available