TrustKeeper Scan Engine Update for June 05, 2020

June 05, 2020

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

Apache Tomcat session persistence Remote Code Execution Vulnerability (CVE-2020-9484)

ClamAV

Ubuntu ClamAV vulnerabilities (USN-4370-1) (CVE-2020-3327, CVE-2020-3341)

cPanel

cPanel Multiple Vulnerabilities (TSR-2020-0002) (CVE-2020-12784, CVE-2020-12785)

Drupal

Drupal drupal_goto function Open Redirect Vulnerability(SA-CORE-2020-003)
Drupal jQuery dom manipulation Cross Site Scripting Vulnerability(SA-CORE-2020-002) (CVE-2020-11023, CVE-2020-11022)

ESXi

Missing VMware ESXi Patches (VMSA-2020-0008) (CVE-2020-3955)

Exim

Exim deliver.c Improper Validation Vulnerability (Sandworm) (CVE-2019-10149)

Fortinet

Fortinet FortiOS Detected
Fortinet FortiOS SSL VPN Path Traversal (CVE-2018-13379)

FreeBSD

FreeBSD cryptodev Denial of Service Vulnerability (FreeBSD-SA-20:16.cryptodev) (CVE-2019-15880)
FreeBSD cryptodev Use-after-free Vulnerability (FreeBSD-SA-20:15.cryptodev) (CVE-2019-15879)
FreeBSD Kernel SCTP-AUTH Use-after-free Vulnerability (FreeBSD-SA-20:14.sctp) (CVE-2019-15878)
FreeBSD libalias Insufficient Validation Vulnerability (FreeBSD-SA-20:12.libalias) (CVE-2020-7454)
FreeBSD libalias Memory Disclosure Vulnerability (FreeBSD-SA-20:13.libalias) (CVE-2020-7455)

ISC

ISC BIND DNS Graph Fetch Limit Vulnerability (NXNSAttack) (CVE-2020-8616)
ISC BIND tsig.c Crafted Message Vulnerability (CVE-2020-8617)

jQuery

JQuery load method Cross Site Scripting Vulnerability (CVE-2020-7656)

MongoDB

MongoDB RoleGraph IP Source Address Protection Bypass (CVE-2020-7921)

NTP

NTP ntpd mode 3/5 broadcast Denial Of Service Vulnerability (CVE-2018-8956)

OpenVPN

OpenVPN Illegal Client Float (CVE-2020-11810)

PHP

PHP rfc1867.c File Upload Denial-of-Service Vulnerability (CVE-2019-11048)

PostgreSQL

PostgreSQL Windows Installer Arbitrary Code Execution Vulnerability (CVE-2020-10733)

Red Hat Enterprise Linux

Red Hat Enterprise Linux .NET Core security update (RHSA-2020:2143) (CVE-2020-1108)
Red Hat Enterprise Linux buildah security and bug fix update (RHSA-2020:2116) (CVE-2020-1702, CVE-2020-10696)
Red Hat Enterprise Linux chromium-browser security update (RHSA-2020:2064) (CVE-2020-6464, CVE-2020-6831)
Red Hat Enterprise Linux dotnet3.1 security update (RHSA-2020:2250) (CVE-2020-1108, CVE-2020-1161)
Red Hat Enterprise Linux java-1.7.1-ibm security update (RHSA-2020:2236) (CVE-2020-2654, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
Red Hat Enterprise Linux java-1.7.1-ibm security update (RHSA-2020:2238) (CVE-2020-2654, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
Red Hat Enterprise Linux java-1.8.0-ibm security update (RHSA-2020:2237) (CVE-2019-2949, CVE-2020-2654, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
Red Hat Enterprise Linux java-1.8.0-ibm security update (RHSA-2020:2239) (CVE-2019-2949, CVE-2020-2654, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
Red Hat Enterprise Linux java-1.8.0-ibm security update (RHSA-2020:2241) (CVE-2019-2949, CVE-2020-2654, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2020:2082) (CVE-2017-18595, CVE-2019-19768, CVE-2020-10711)
Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2020:2102) (CVE-2020-2732, CVE-2020-10711, CVE-2020-11884)
Red Hat Enterprise Linux kernel security update (RHSA-2020:2103) (CVE-2020-10711)
Red Hat Enterprise Linux kpatch-patch security update (RHSA-2020:2125) (CVE-2020-10711)
Red Hat Enterprise Linux libreswan security update (RHSA-2020:2070) (CVE-2020-1763)
Red Hat Enterprise Linux podman security update (RHSA-2020:2117) (CVE-2020-8945, CVE-2020-10696)
Red Hat Enterprise Linux python-pip security update (RHSA-2020:2068) (CVE-2018-18074, CVE-2018-20060, CVE-2019-11236, CVE-2019-11324)
Red Hat Enterprise Linux python-virtualenv security update (RHSA-2020:2081) (CVE-2018-18074, CVE-2018-20060, CVE-2019-11236)

Ubuntu

Ubuntu APT vulnerability (USN-4359-1) (CVE-2020-3810)
Ubuntu Bind vulnerabilities (USN-4365-1) (CVE-2020-8616, CVE-2020-8617)
Ubuntu Dovecot vulnerabilities (USN-4361-1) (CVE-2020-10957, CVE-2020-10958, CVE-2020-10967)
Ubuntu DPDK vulnerabilities (USN-4362-1) (CVE-2020-10722, CVE-2020-10723, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726)
Ubuntu Exim vulnerability (USN-4366-1) (CVE-2020-12783)
Ubuntu file regression (USN-3911-2) (CVE-2019-8904, CVE-2019-8905, CVE-2019-8906, CVE-2019-8907)
Ubuntu Firefox regression (USN-4353-2) (CVE-2020-12387, CVE-2020-12390, CVE-2020-12391, CVE-2020-12392, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396, CVE-2020-6831)
Ubuntu IPRoute vulnerability (USN-4357-1) (CVE-2019-20795)
Ubuntu json-c regression (USN-4360-2) (CVE-2020-12762)
Ubuntu json-c vulnerability (USN-4360-1) (CVE-2020-12762)
Ubuntu libexif vulnerabilities (USN-4358-1) (CVE-2018-20030, CVE-2020-12767)
Ubuntu libvirt vulnerabilities (USN-4371-1) (CVE-2020-10703, CVE-2020-12430)
Ubuntu Linux kernel vulnerabilities (USN-4363-1) (CVE-2020-11494, CVE-2020-11565, CVE-2020-11669, CVE-2020-12657)
Ubuntu Linux kernel vulnerabilities (USN-4364-1) (CVE-2019-19060, CVE-2020-10942, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668)
Ubuntu Linux kernel vulnerabilities (USN-4367-1) (CVE-2019-19377, CVE-2020-11565, CVE-2020-12657, CVE-2020-12826)
Ubuntu Linux kernel vulnerabilities (USN-4368-1) (CVE-2019-19769, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-11669, CVE-2020-12657)
Ubuntu Linux kernel vulnerabilities (USN-4369-1) (CVE-2019-19377, CVE-2019-19769, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-12657, CVE-2020-12826)
Ubuntu PulseAudio vulnerability (USN-4355-1) (CVE-2020-11931)
Ubuntu QEMU vulnerabilities (USN-4372-1) (CVE-2019-15034, CVE-2019-20382, CVE-2020-10702, CVE-2020-11869, CVE-2020-1983)
Ubuntu Squid vulnerabilities (USN-4356-1) (CVE-2019-12519, CVE-2019-12521, CVE-2019-18860, CVE-2020-11945)
Ubuntu Thunderbird vulnerabilities (USN-4373-1) (CVE-2020-12387, CVE-2020-12392, CVE-2020-12395, CVE-2020-12397, CVE-2020-6831)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.

Experiencing a security breach?

Experiencing a security breach?

TrustKeeper Scan Engine Update for June 05, 2020

Summary

New Vulnerability Test Highlights

How to Update?

Latest Software Updates

CVT Deployment 1.111.0-1

Database Security Knowledgebase Update KB 6.54

DbProtect 6.6.13 Now Available

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.