TrustKeeper Scan Engine Update for December 19, 2018

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Cisco

• Cisco ASA Access Control List Bypass Vulnerability (cisco-sa-20181003-asa-acl-bypass, CSCvj91858) (CVE-2018-15398)
• Cisco ASA TCP Syslog Denial of Service Vulnerability (cisco-sa-20181003-asa-syslog-dos, CSCvh73829) (CVE-2018-15399)
• Cisco IOS Internet Key Exchange Version 1 RSA-Encrypted Nonces Vulnerability (CSCve77140) (CVE-2018-0131)

Atlassian

• Atlassian JIRA Onboarding - Getting Started Open redirect vulnerability (CVE-2018-13402)
• Atlassian JIRA System Administration - WebSudo improper access control vulnerability (CVE-2018-13400)
• Atlassian JIRA User Management - XsrfErrorAction resource Open redirect vulnerability (CVE-2018-13401)

cPanel

• cPanel Multiple Vulnerabilities (TSR-2018-0006)

Splunk

• Splunk Patch Missing (SP-CAAAN7C) (CVE-2015-6515, CVE-2015-6514)
• Splunk Patch Missing (SP-CAAANST) (CVE-2014-3566, CVE-2014-3567, CVE-2014-5466)
• Splunk Patch Missing (SP-CAAAP3K) (CVE-2017-17067)
• Splunk Patch Missing (SP-CAAAP3M) (CVE-2017-18348)
• Splunk Patch Missing (SP-CAAAP5E) (CVE-2018-11409)
• Splunk Patch Missing (SP-CAAAP5T) (CVE-2018-7429, CVE-2018-7431, CVE-2018-7432, CVE-2018-7427)
• Splunk Patch Missing (SP-CAAAPAM) (CVE-2015-7604)
• Splunk Patch Missing (SP-CAAAPN9) (CVE-2016-4858, CVE-2016-4856)
• Splunk Patch Missing (SP-CAAAPQ6) (CVE-2016-4859)
• Splunk Patch Missing (SP-CAAAPQM) (CVE-2016-4857)
• Splunk Patch Missing (SP-CAAAPSR) (CVE-2016-0772, CVE-2016-5699, CVE-2016-5636)
• Splunk Patch Missing (SP-CAAAPW8) (CVE-2017-5880)
• Splunk Patch Missing (SP-CAAAPYC) (CVE-2017-12572)
• Splunk Patch Missing (SP-CAAAPZ3) (CVE-2017-5607)
• Ubuntu Operating System Detected

FreeBSD

• FreeBSD bhyve Arbitary Code Execution Vulnerability (FreeBSD-SA-18:14.bhyve) (CVE-2018-17160)
• FreeBSD NFS Server Multiple vulnerabilities (FreeBSD-SA-18:13.nfs) (CVE-2018-17157, CVE-2018-17158, CVE-2018-17159)

Joomla

• Joomla! Core ACL Violation Vulnerability (20180803) (CVE-2018-15881)
• Joomla! Core com_contact Unauthorized Email Vulnerability (20181001) (CVE-2018-17859)
• Joomla! Core com_installer Insufficient Cross-Site Request Forgery Hardening (20181005) (CVE-2018-17858)
• Joomla! Core com_tags Access Bypass Vulnerability (20181003) (CVE-2018-17857)
• Joomla! Core Frontend Profile Stored Cross-Site Scripting Vulnerability (20180802) (CVE-2018-15880)
• Joomla! Core InputFilter PHAR File Injection Vulnerability (20180801) (CVE-2018-15882)
• Joomla! Core mailto Spam Abuse Vulnerability (CVE-2008-4103)
• Joomla! Core User Notes List View SQL Injection Vulnerability (20180301) (CVE-2018-8045)

Microsoft

• Microsoft Exchange Server Tampering Vulnerability (2018-Dec) (CVE-2018-8604)

Squid

• Squid Proxy Cache Cross Site Scripting Vulnerability (SQUID-2018:4) (CVE-2018-19131)
• Squid SNMP Rejection Denial of Service Vulnerability (SQUID-2018:5) (CVE-2018-19132)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.