Software Updates

TrustKeeper Scan Engine Update for December 16, 2021

Written by | Dec 16, 2021 1:52:00 PM

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

  • Log4shell vulnerability detection active check.
  • Credentialed checks detecting Log4J2 on CentOS, Debian, Fedora, FreeBSD, RedHat and Ubuntu.

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

  • Apache Log4J2 Remote Code Execution Active Check (CVE-2021-44228) (CVE-2021-44228)

CentOS Linux (Credentialed Checks)

  • Apache Log4J2 Remote Code Execution RedHat (CVE-2021-44228) (CVE-2021-44228)

CentOS Linux (Credentialed Checks)

Debian Linux (Credentialed Checks)

Fedora (Credentialed Checks)

VMWare

FreeBSD

  • Apache Log4J2 Remote Code Execution FreeBSD (CVE-2021-44228) (CVE-2021-44228)
  • FreeBSD mailman Security Update (0d6efbe3-52d9-11ec-9472-e3667ed6088e) (CVE-2021-44227)
  • FreeBSD NSS Security Update (47695a9c-5377-11ec-8be6-d4c9ef517024) (CVE-2021-43527)
  • FreeBSD py-matrix-synapse Security Update (27aa2253-4c72-11ec-b6b9-e86a64caca56) (CVE-2021-41281)
  • FreeBSD rubygem-cgi Security Update (2c6af5c3-4d36-11ec-a539-0800270512f4) (CVE-2021-41816)
  • FreeBSD rubygem-cgi Security Update (4548ec97-4d38-11ec-a539-0800270512f4) (CVE-2021-41819)

Ubuntu (Credentialed Checks)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.