TrustKeeper Scan Engine Update for October 07 2015

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Cisco

• Cisco ASA crashes for the OSPFv2 packets from codenomicon (CSCus84220) (CVE-2015-4239)
• Cisco ASA is not correctly handling errors on AES-GCM ICV (CSCuu66218) (CVE-2015-4550)
• Cisco ASA OSPFv2 Denial of Service Vulnerability (CSCut52679) (CVE-2015-4241)
• Cisco ASA SNMP Denial of Service Vulnerability (CSCul02601) (CVE-2015-4238)
• Cisco IOS Session Initiation Protocol Packet Handling Denial of Service Vulnerability (CSCto88686) (CVE-2011-2072)
• Cisco IOS and Cisco IOS XE have Denial of Service in its DHCPv6 Server (CVE-2015-0708)
• Remote Denial of Service vulnerability in Cisco IOS Voice Gateway (CVE-2015-0731)
• Information Disclosure Vulnerability for Cisco IOS 12.2(33)SCH on uBR10000 routers (CVE-2015-4202)
• Privilege escalation vulnerability in Cisco IOS through the TCL script interpreter (CVE-2015-4185)
• Remote Denial of Service Vulnerability in the IKE subsystem of Cisco WS-IPSEC-3 (CVE-2015-0771)
• Denial of Service Vulnerability in Cisco IOS for Cisco UBR devices (CVE-2015-4199)
• Memory leak in the IPv6-to-IPv4 components in Cisco IOS (CVE-2015-4200)

phpMyAdmin

• phpMyAdmin SQL Injection Vulnerability via Cookie Name (CVE-2008-1149)
• phpMyAdmin Cross-site Scripting Vulnerabilitiy via setup.php (CVE-2007-5386)
• phpMyAdmin Multiple Cross-site Scripting Vulnerabilities via Code Detection (CVE-2007-2245)
• phpMyAdmin Cross-site Scripting Vulnerabilitiy via DB Parameter (CVE-2006-2418)
• phpMyAdmin File Disclosure Vulnerability via POST Request (CVE-2008-1924)

FreeBSD

• Missing FreeBSD Vulnerability (FreeBSD-SA-06:12.opie) (CVE-2006-1283)
• Missing FreeBSD Vulnerability (FreeBSD-SA-06:13.sendmail) (CVE-2006-0058)
• Missing FreeBSD Vulnerability (FreeBSD-SA-06:08.ppp) (CVE-2006-4304)
• Missing FreeBSD Vulnerability (FreeBSD-SA-06:22.openssh) (CVE-2006-4924, CVE-2006-5051)
• Missing FreeBSD Vulnerability (FreeBSD-SA-07:03.ipv6) (CVE-2007-2242)
• Missing FreeBSD Vulnerability (FreeBSD-SA-09:16.rtld) (CVE-2009-4146, CVE-2009-4147)
• Missing FreeBSD Vulnerability (FreeBSD-SA-09:06.ktimer) (CVE-2009-1041)
• Missing FreeBSD Vulnerability (FreeBSD-SA-09:01.lukemftpd) (CVE-2008-4247)
• Missing FreeBSD Vulnerability (FreeBSD-SA-08:12.ftpd) (CVE-2008-4247)
• Missing FreeBSD Vulnerability (FreeBSD-SA-08:10.nd6) (CVE-2008-2476)
• Missing FreeBSD Vulnerability (FreeBSD-SA-08:09.icmp6) (CVE-2008-3530)
• Missing FreeBSD Vulnerability (FreeBSD-SA-08:07.amd64) (CVE-2008-3890)
• Missing FreeBSD Vulnerability (FreeBSD-SA-08:04.ipsec) (CVE-2008-0177)
• Missing FreeBSD Vulnerability (FreeBSD-SA-07:04.file) (CVE-2007-1536)
• Missing FreeBSD Vulnerability (FreeBSD-SA-06:11.ipsec) (CVE-2006-0905)
• Missing FreeBSD Vulnerability (FreeBSD-SA-06:10.nfs) (CVE-2006-0900)
• Missing FreeBSD Vulnerability (FreeBSD-SA-06:05.80211) (CVE-2006-0226)
• Missing FreeBSD Vulnerability (FreeBSD-SA-05:16.zlib) (CVE-2005-2096)

Oracle

• Oracle Database January 2015 CPU (CVE-2014-6567, CVE-2014-6577, CVE-2015-0373, CVE-2014-6578, CVE-2014-6541, CVE-2015-0371, CVE-2014-6514, CVE-2015-0370)
• Oracle Solaris July 2014 CPU (CVE-2014-4225, CVE-2014-4215, CVE-2014-4224, CVE-2014-4239)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.