The past couple weeks have been a blur for our entire team as we've been heads down on cranking out vulnerabilities for the TrustKeeper Scan Engine. In fact, we ended up breaking a new internal record for sheer number of vulnerabilities in a single update this week. This is probably somewhat related to having more researchers than we've ever had producing vulnerability checks (*cough* Thanks c7five! *cough*), but we'll take our prize proudly knowing that we'll be helping you find more and more vulnerabilities on your network(s).
Besides new vulnerabilities, this update also includes a number of bug fixes and improvements to evidence for existing vulnerability tests.
New Vulnerability Test Highlights
Some of the more interesting vulnerability tests we added recently are as follows:
Cisco
* Cisco IOS Access Restriction Bypass via HTTP Interface (CVE-2012-0384)
* Cisco IOS Software Internet Key Exchange (IKE) Denial of Service Vulnerability (CVE-2012-0381)
* Cisco IOS Software MSDP-peered Router Denial of Service Vulnerability (CVE-2012-0382)
ISC Bind
* ISC BIND Heavy DNSSEC Validation Load Can Cause a Bad Cache Assertion Failure (CVE-2012-3817)
* ISC BIND High TCP Query Load Can Trigger a Memory Leak Vulnerability (CVE-2012-3868)
Microsoft Windows
* Microsoft Windows and Messages Vulnerability (MS12-034) (CVE-2012-0180)
* Microsoft Windows Object Packager Insecure Executable Launching Vulnerability (MS12-002) (CVE-2012-0009)
* Microsoft Windows Ancillary Function Driver Multiple Vulnerabilities (MS12-009) (CVE-2012-0148, CVE-2012-0149)
* Microsoft Windows Shell Command Injection Vulnerability (MS12-048) (CVE-2012-0175)
* Microsoft Windows TLS Protocol Vulnerability (MS12-049) (CVE-2012-1870)
* Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (MS12-047) (CVE-2012-1890, CVE-2012-1893)
Novell
* Novell Groupwise Directory Traversal Vulnerability in User.interface Parameter (CVE-2012-0410)
OpenSSL
* OpenSSL Invalid GOST parameters DoS Vulnerability (CVE-2012-0027)
Oracle
* Oracle Database July 2012 Security Update For Multiple Vulnerabilities (CVE-2012-1737, CVE-2012-1745, CVE-2012-1746, CVE-2012-1747, CVE-2012-3134)
* Oracle Application Server July 2012 Security Update For Multiple Vulnerabilities (CVE-2011-3368, CVE-2011-4317, CVE-2012-1741)
* Oracle July 2012 Security Update For GlassFish Enterprise Server (CVE-2011-4358)
* Oracle July 2012 Security Update For Java System Web Server (CVE-2012-1738)
PHP
* PHP Overflow Vulnerability in php stream scandir (CVE-2012-2688)
* PHP SQLite Extension "open basedir" Bypass Vulnerability (CVE-2012-3365)
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates "auto-magically" as soon as an update is available. No action is required.
