SpiderLabs Blog

Trustkeeper Scan Engine Update - May 21, 2014

Written by Donovan Lampa | May 21, 2014 2:20:00 PM

We're back to bring you a large Scan Engine update. We've packed this release with tons of new vulnerabilities as well as some huge improvements to our servce protocol discovery engine. Increased coverage and faster scans--what could be better?

 

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

  • Apache HTTP Server mod_dav Denial of Service Vulnerability (CVE-2013-6438)
  • Apache HTTP Server mod_dav Denial of Service Vulnerability (CVE-2013-6438)
  • Apache Tomcat Chunked Transfer Coding Denial of Service Vulnerability (CVE-2013-4322)
  • Apache Tomcat disableURLRewriting Bypass Vulnerability (CVE-2014-0033)
  • Apache Tomcat HTTP Header Parsing Vulnerability (CVE-2013-4286)
  • Apache Tomcat Internals Information Disclosure Vulnerability (CVE-2014-4590)

Cisco

  • Cisco ASA Clientless SSL VPN Rewriter Denial of Service Vulnerability (CSCui51199) (CVE-2013-5551)
  • Cisco ASA CX Safe Search Policy Bypass Vulnerability (CSCui94622) (CVE-2013-5561)
  • Cisco ASA IPv6 NAT Denial of Service Vulnerability (CSCue34342) (CVE-2013-5560)
  • Cisco ASA Management Connections Denial of Service Vulnerability (CSCug33233) (CVE-2013-6707)
  • Cisco ASA Phone Proxy Database Entry Manipulation Vulnerability (CSCui33299) (CVE-2013-6682)
  • Cisco ASA RADIUS Change of Authorization Message Replay Vulnerability (CSCuj45332) (CVE-2014-0655)
  • Cisco ASA VPN Denial of Service Vulnerability (CSCua91108) (CVE-2013-5544)
  • Cisco ASA VPN Tunnel Privilege Escalation Vulnerability (CSCuf85295) (CVE-2013-1215)
  • Cisco Catalyst Privilege Escalation Vulnerability (CVE-2013-5522)
  • Cisco IOS 10 GigE Denial of Service Vulnerability (CSCug84789) (CVE-2014-2107)
  • Cisco IOS and Cisco IOS XE Session Initiation Protocol DoS Vulnerability (CVE-2014-2106)
  • Cisco IOS IPSec MTU Vulnerability (CSCul29918) (CVE-2013-6694)
  • Cisco IOS IPSec Replay Vulnerability (CVE-2013-5548)
  • Cisco IOS Malformed IKEv2 Packet Denial of Service (CSCui88426) (CVE-2014-2108)
  • Cisco IOS Malformed IPv6 Packet Denial of Service (CSCui59540) (CVE-2014-2113)
  • Cisco IOS Software High Priority Queue Denial of Service Vulnerability (CVE-2014-2131)
  • Cisco IOS Software IKE Main Mode Vulnerability (CVE-2014-2143)
  • Cisco IOS Software NAT DNS Vulnerability (CVE-2014-2111)
  • Cisco IOS Software Sup2T Denial of Service Vulnerability (CVE-2014-2124)
  • Cisco IOS Software TCP Input Vulnerability (CVE-2014-2109)
  • Cisco IOS SSL VPN Denial of Service Vulnerability (CSCuf51357) (CVE-2014-2112)

FreeBSD

  • FreeBSD Deadlock in NFS Server Vulnerability (FreeBSD-SA-14:05.nfsserver) (CVE-2014-1453)
  • FreeBSD devfs Restriction Bypass Vulnerability (FreeBSD-SA-14:07.devfs) (CVE-2014-3001)
  • FreeBSD SNMP Denial of Service Vulnerability (CVE-2014-1452)
  • FreeBSD TCP Reassembly Vulnerability (FreeBSD-SA-14:08.tcp) (CVE-2014-3000)

Generic

  • Potential Sensitive Credit Card Information Detected

ISC

  • ISC Bind in FreeBSD DNSSEC NSEC-3 Denial of Service Vulnerability (CVE-2014-0591)
  • ISC BIND NSEC3 Signing Feature Denial Of Service Vulnerability (CVE-2014-0591)

Jira

  • JIRA Path traversal in Importers plugin (CVE-2014-2313)
  • JIRA Path traversal in Issue Collector plugin (CVE-2014-2314)
  • JIRA Web Interface Unspecified Remote Privilege Escalation

Juniper

  • Juniper Netscreen Cross-Site Scripting vulnerability in Antivirus HTTP Engine
  • Juniper Netscreen Default Credentials Discovered
  • Juniper Netscreen ScreenOS Link State Advertisement Denial of Service (CVE-2013-7313, CVE-2013-0149)
  • Juniper Netscreen ScreenOS Ping of Death Denial of Service (CVE-2013-6958)
  • Juniper Netscreen ScreenOS SSL TLS Denial of Service (CVE-2014-2842)

Lighttpd

  • Lighttpd Multiple Directory Traversal Vulnerabilities (CVE-2014-2324)

MySQL

  • Lighttpd SQL Injection Vulnerability in mod_mysql_vhost.c (CVE-2014-2323)

OpenSSH

  • nginx Heap Memory Buffer Overflow Vulnerability (CVE-2014-0133)
  • Open Redirect Vulnerability
  • OpenSSH schnorr.c hash_buffer Function Unspecified Memory Corruption Remote DoS (CVE-2014-1692)
  • OpenSSH Wildcards on AcceptEnv Vulnerability (CVE-2014-2532)

OpenSSL

  • OpenSSL Montgomery Ladder Side Channeling Vulnerability (CVE-2014-0076)

Oracle

PHP

  • PHP gdImageCreateFromXpm() Crafted Color Table Denial of Service Vulnerability (CVE-2014-2497)
  • PHP gdImageCreateFromXpm() Denial of Service Vulnerability (CVE-2013-7327)
  • PHP gdImageCrop() Denial of Service Vulnerability (CVE-2013-7328)
  • PHP gdImageCrop() Integer Underflow Vulnerability (CVE-2013-7226)
  • PHP imagecrop() Heap Overflow Vulnerability (CVE-2014-2020)

PostgreSQL

Ruby on Rails

  • Ruby on Rails Cross-Site Scripting Vulnerabilties in number_helper (CVE-2014-0081)
  • Ruby on Rails Denial of Service Vulnerability in Action View (CVE-2014-0082)
  • Ruby on Rails Directory Traversal in implicit-render Implementation (CVE-2014-0130)
  • Ruby on Rails SQL Injection Vulnerability in Active Record cast (CVE-2014-0080)
  • Ruby on Rails XSS Vulnerability in simple_format helper (CVE-2013-6416)

Samba

Webmin

  • Webmin Cross-site Scripting Vulnerability in show.cgi (CVE-2014-0339)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.