TrustKeeper Scan Engine Update for June 19, 2020

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Atlassian Jira

• Atlassian Jira XML Export View Cross-Site Scripting (CVE-2020-4021)

Cisco ASA

• Cisco ASA BGP Denial of Service Vulnerability (cisco-sa-asa-dos-P43GCE5j) (CVE-2020-3305)
• Cisco ASA DHCP Denial of Service Vulnerability (cisco-sa-asaftd-dos-qk8cTGLz) (CVE-2020-3306)
• Cisco ASA IKEv1 Denial of Service Vulnerability (cisco-sa-asa-dos-BqYFRJt9) (CVE-2020-3303)
• Cisco ASA IPv6 DNS Denial of Service Vulnerability (cisco-sa-asaftd-ipv6-67pA658k) (CVE-2020-3191)
• Cisco ASA Kerberos Authentication Bypass Vulnerability (cisco-asa-kerberos-bypass-96Gghe2sS) (CVE-2020-3125)
• Cisco ASA Malformed OSPF Packets Processing Denial of Service Vulnerability (cisco-sa-asa-ftd-ospf-dos-RhMQY8qx) (CVE-2020-3298)
• Cisco ASA Media Gateway Control Protocol Denial of Service Vulnerabilities (cisco-sa-asaftd-mgcp-SUqB8VKH) (CVE-2020-3254)
• Cisco ASA Software OSPF Packets Processing Memory Leak Vulnerability ( cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv) (CVE-2020-3195)
• Cisco ASA SSL/TLS Denial of Service Vulnerability (cisco-sa-asa-ssl-vpn-dos-qY7BHpjN) (CVE-2020-3196)
• Cisco ASA Web Services Information Disclosure Vulnerability (cisco-sa-asaftd-info-disclose-9eJtycMB) (CVE-2020-3259)
• Cisco ASA Web Services Path Traversal Vulnerability (cisco-sa-asaftd-path-JE3azWw43) (CVE-2020-3187)

Fortinet FortiOS

• Fortinet FortiOS SSL VPN Buffer Overrun (CVE-2018-13383)
• Fortinet FortiOS SSL VPN Unauthenticated Password Modification (CVE-2018-13382)

Joomla

• Joomla Cross-Site Request Forgery in com_postinstall Vulnerability (20200605) (CVE-2020-13760)
• Joomla Cross-Site Scripting in com_modules Tag Options Vulnerability (20200603) (CVE-2020-13762)
• Joomla Cross-Site Scripting in Jquery.htmlprefilter Vulnerability (20200604) (CVE-2020-11022)
• Joomla Cross-Site Scripting in Modules Heading Tag Option Vulnerability (20200601) (CVE-2020-13761)
• Joomla Inconsistent Default Textfilter Settings Vulnerability (20200602) (CVE-2020-13763)

Microsoft (Credentialed Checks)

• Microsoft Windows June 2020 Security Updates Missing (CVE-2020-1313, CVE-2020-1307, CVE-2020-1275, CVE-2020-1273, CVE-2020-1268, CVE-2020-1265, CVE-2020-1248, CVE-2020-1209, CVE-2020-1206, CVE-2020-1296, CVE-2020-1277, CVE-2020-1244, CVE-2020-1204, CVE-2020-1348, CVE-2020-1334, CVE-2020-1324, CVE-2020-1317, CVE-2020-1316, CVE-2020-1315, CVE-2020-1314, CVE-2020-1312, CVE-2020-1311, CVE-2020-1310, CVE-2020-1309, CVE-2020-1306, CVE-2020-1305, CVE-2020-1304, CVE-2020-1302, CVE-2020-1301, CVE-2020-1300, CVE-2020-1299, CVE-2020-1294, CVE-2020-1293, CVE-2020-1292, CVE-2020-1291, CVE-2020-1290, CVE-2020-1287, CVE-2020-1286, CVE-2020-1283, CVE-2020-1282, CVE-2020-1281, CVE-2020-1280, CVE-2020-1279, CVE-2020-1278, CVE-2020-1276, CVE-2020-1274, CVE-2020-1272, CVE-2020-1271, CVE-2020-1270, CVE-2020-1269, CVE-2020-1266, CVE-2020-1264, CVE-2020-1263, CVE-2020-1262, CVE-2020-1261, CVE-2020-1260, CVE-2020-1259, CVE-2020-1258, CVE-2020-1257, CVE-2020-1255, CVE-2020-1254, CVE-2020-1253, CVE-2020-1251, CVE-2020-1247, CVE-2020-1246, CVE-2020-1242, CVE-2020-1241, CVE-2020-1239, CVE-2020-1238, CVE-2020-1237, CVE-2020-1236, CVE-2020-1235, CVE-2020-1234, CVE-2020-1233, CVE-2020-1232, CVE-2020-1231, CVE-2020-1230, CVE-2020-1222, CVE-2020-1220, CVE-2020-1219, CVE-2020-1217, CVE-2020-1216, CVE-2020-1215, CVE-2020-1214, CVE-2020-1213, CVE-2020-1212, CVE-2020-1211, CVE-2020-1208, CVE-2020-1207, CVE-2020-1203, CVE-2020-1202, CVE-2020-1201, CVE-2020-1199, CVE-2020-1197, CVE-2020-1196, CVE-2020-1194, CVE-2020-1162, CVE-2020-1160, CVE-2020-1073, CVE-2020-0986, CVE-2020-0916, CVE-2020-0915)

Red Hat (Credentialed Checks)

• Red Hat Enterprise Linux bind security update (RHSA-2020:2338) (CVE-2020-8616, CVE-2020-8617)
• Red Hat Enterprise Linux bind security update (RHSA-2020:2344) (CVE-2020-8616, CVE-2020-8617)
• Red Hat Enterprise Linux bind security update (RHSA-2020:2383) (CVE-2020-8616, CVE-2020-8617)
• Red Hat Enterprise Linux firefox security update (RHSA-2020:2378) (CVE-2020-12405, CVE-2020-12406, CVE-2020-12410)
• Red Hat Enterprise Linux firefox security update (RHSA-2020:2379) (CVE-2020-12405, CVE-2020-12406, CVE-2020-12410)
• Red Hat Enterprise Linux firefox security update (RHSA-2020:2381) (CVE-2020-12405, CVE-2020-12406, CVE-2020-12410)
• Red Hat Enterprise Linux freerdp security update (RHSA-2020:2334) (CVE-2020-11521, CVE-2020-11523, CVE-2020-11524)
• Red Hat Enterprise Linux freerdp security update (RHSA-2020:2336) (CVE-2020-11521, CVE-2020-11523, CVE-2020-11524)
• Red Hat Enterprise Linux freerdp security update (RHSA-2020:2405) (CVE-2020-13398)
• Red Hat Enterprise Linux freerdp security update (RHSA-2020:2406) (CVE-2020-13398)
• Red Hat Enterprise Linux freerdp security update (RHSA-2020:2407) (CVE-2020-13398)
• Red Hat Enterprise Linux git security update (RHSA-2020:2337) (CVE-2020-11008)

Ubuntu (Credentialed Checks)

• Ubuntu Apache Ant vulnerability (USN-4380-1) (CVE-2020-1945)
• Ubuntu ca-certificates update (USN-4377-1)
• Ubuntu Django vulnerabilities (USN-4381-1) (CVE-2020-13254, CVE-2020-13596)
• Ubuntu Firefox vulnerabilities (USN-4383-1) (CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, CVE-2020-12411)
• Ubuntu Flask vulnerability (USN-4378-1) (CVE-2018-1000656)
• Ubuntu FreeRDP vulnerabilities (USN-4379-1) (CVE-2018-1000852, CVE-2019-17177, CVE-2020-11042, CVE-2020-11044, CVE-2020-11045, CVE-2020-11046, CVE-2020-11047, CVE-2020-11048, CVE-2020-11049, CVE-2020-11058, CVE-2020-11521, CVE-2020-11522, CVE-2020-11523, CVE-2020-11524, CVE-2020-11525, CVE-2020-11526, CVE-2020-13396, CVE-2020-13397, CVE-2020-13398)
• Ubuntu FreeRDP vulnerabilities (USN-4382-1) (CVE-2020-11042, CVE-2020-11045, CVE-2020-11046, CVE-2020-11048, CVE-2020-11049, CVE-2020-11058, CVE-2020-11521, CVE-2020-11522, CVE-2020-11523, CVE-2020-11525, CVE-2020-11526, CVE-2020-13396, CVE-2020-13397, CVE-2020-13398)
• Ubuntu json-c vulnerability (USN-4360-4) (CVE-2020-12762)
• Ubuntu Linux kernel regression (USN-4367-2) (CVE-2019-19377, CVE-2020-11565, CVE-2020-12657, CVE-2020-12826)
• Ubuntu Linux kernel regression (USN-4369-2) (CVE-2019-19377, CVE-2019-19769, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-12657, CVE-2020-12826)
• Ubuntu OpenSSL vulnerabilities (USN-4376-1) (CVE-2019-1547, CVE-2019-1549, CVE-2019-1551, CVE-2019-1563)
• Ubuntu PHP vulnerability (USN-4375-1) (CVE-2019-11048)
• Ubuntu Unbound vulnerabilities (USN-4374-1) (CVE-2020-12662, CVE-2020-12663)

WordPress

• Wordpress cookie-law-info plugin Multiple Vulnerabilities

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.