Software Updates

TrustKeeper Scan Engine Update for February 06, 2019

Written by | Feb 7, 2019 10:49:00 AM

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

  • Apache HTTP Server HTTP/2 Connections Denial of Service Vulnerability (CVE-2018-17189)
  • Apache HTTP Server mod_session_cookie Session Expiry Time Vulnerability (CVE-2018-17199)
  • Apache HTTP Server mod_ssl OpenSSL Remote Denial of Service Vulnerability (CVE-2019-0190)
  • Apache Subversion mod_dav_svn Denial of Service Vulnerability (CVE-2018-11803)

Cisco

  • Cisco ASA Direct Memory Access Denial of Service Vulnerability (cisco-sa-20181003-asa-dma-dos, CSCvj89470) (CVE-2018-15383)
  • Cisco ASA IPsec VPN Denial of Service Vulnerability (cisco-sa-20181003-asa-ipsec-dos, CSCuy57310) (CVE-2018-15397)

Drupal

  • Drupal Core Arbitrary PHP Code Execution Vulnerability (SA-CORE-2019-002) (CVE-2019-6339)
  • Drupal Core Third Party Library Arbitrary File Deletion Vulnerability (SA-CORE-2019-001) (CVE-2018-1000888, CVE-2019-6338)

PhpMyAdmin

  • PhpMyAdmin Arbitrary File Read Vulnerability (PMASA-2019-1) (CVE-2019-6799)
  • PhpMyAdmin Designer feature SQL injection Vulnerability (PMASA-2019-2) (CVE-2019-6798)

Joomla

  • Joomla! Core com_config Stored Cross-Site Scripting Vulnerability (20190103) (CVE-2019-6263)
  • Joomla! Core com_contact Stored Cross-Site Scripting Vulnerability (20190102) (CVE-2019-6261)
  • Joomla! Core HelpButton.php Stored Cross-Site Scripting Vulnerability (20190104) (CVE-2019-6262)
  • Joomla! Core mod_banners Stored Cross-Site Scripting Vulnerability (20190101) (CVE-2019-6264)

MySQL

Oracle

WordPress

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.
View full post