TrustKeeper Scan Engine Update for June 05, 2020

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Apache

• Apache Tomcat session persistence Remote Code Execution Vulnerability (CVE-2020-9484)

ClamAV

• Ubuntu ClamAV vulnerabilities (USN-4370-1) (CVE-2020-3327, CVE-2020-3341)

cPanel

• cPanel Multiple Vulnerabilities (TSR-2020-0002) (CVE-2020-12784, CVE-2020-12785)

Drupal

• Drupal drupal_goto function Open Redirect Vulnerability(SA-CORE-2020-003)
• Drupal jQuery dom manipulation Cross Site Scripting Vulnerability(SA-CORE-2020-002) (CVE-2020-11023, CVE-2020-11022)

ESXi

• Missing VMware ESXi Patches (VMSA-2020-0008) (CVE-2020-3955)

Exim

• Exim deliver.c Improper Validation Vulnerability (Sandworm) (CVE-2019-10149)

Fortinet

• Fortinet FortiOS Detected
• Fortinet FortiOS SSL VPN Path Traversal (CVE-2018-13379)

FreeBSD

• FreeBSD cryptodev Denial of Service Vulnerability (FreeBSD-SA-20:16.cryptodev) (CVE-2019-15880)
• FreeBSD cryptodev Use-after-free Vulnerability (FreeBSD-SA-20:15.cryptodev) (CVE-2019-15879)
• FreeBSD Kernel SCTP-AUTH Use-after-free Vulnerability (FreeBSD-SA-20:14.sctp) (CVE-2019-15878)
• FreeBSD libalias Insufficient Validation Vulnerability (FreeBSD-SA-20:12.libalias) (CVE-2020-7454)
• FreeBSD libalias Memory Disclosure Vulnerability (FreeBSD-SA-20:13.libalias) (CVE-2020-7455)

ISC

• ISC BIND DNS Graph Fetch Limit Vulnerability (NXNSAttack) (CVE-2020-8616)
• ISC BIND tsig.c Crafted Message Vulnerability (CVE-2020-8617)

jQuery

• JQuery load method Cross Site Scripting Vulnerability (CVE-2020-7656)

MongoDB

• MongoDB RoleGraph IP Source Address Protection Bypass (CVE-2020-7921)

NTP

• NTP ntpd mode 3/5 broadcast Denial Of Service Vulnerability (CVE-2018-8956)

OpenVPN

• OpenVPN Illegal Client Float (CVE-2020-11810)

PHP

• PHP rfc1867.c File Upload Denial-of-Service Vulnerability (CVE-2019-11048)

PostgreSQL

• PostgreSQL Windows Installer Arbitrary Code Execution Vulnerability (CVE-2020-10733)

Red Hat Enterprise Linux

• Red Hat Enterprise Linux .NET Core security update (RHSA-2020:2143) (CVE-2020-1108)
• Red Hat Enterprise Linux buildah security and bug fix update (RHSA-2020:2116) (CVE-2020-1702, CVE-2020-10696)
• Red Hat Enterprise Linux chromium-browser security update (RHSA-2020:2064) (CVE-2020-6464, CVE-2020-6831)
• Red Hat Enterprise Linux dotnet3.1 security update (RHSA-2020:2250) (CVE-2020-1108, CVE-2020-1161)
• Red Hat Enterprise Linux java-1.7.1-ibm security update (RHSA-2020:2236) (CVE-2020-2654, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
• Red Hat Enterprise Linux java-1.7.1-ibm security update (RHSA-2020:2238) (CVE-2020-2654, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
• Red Hat Enterprise Linux java-1.8.0-ibm security update (RHSA-2020:2237) (CVE-2019-2949, CVE-2020-2654, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
• Red Hat Enterprise Linux java-1.8.0-ibm security update (RHSA-2020:2239) (CVE-2019-2949, CVE-2020-2654, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
• Red Hat Enterprise Linux java-1.8.0-ibm security update (RHSA-2020:2241) (CVE-2019-2949, CVE-2020-2654, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830)
• Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2020:2082) (CVE-2017-18595, CVE-2019-19768, CVE-2020-10711)
• Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2020:2102) (CVE-2020-2732, CVE-2020-10711, CVE-2020-11884)
• Red Hat Enterprise Linux kernel security update (RHSA-2020:2103) (CVE-2020-10711)
• Red Hat Enterprise Linux kpatch-patch security update (RHSA-2020:2125) (CVE-2020-10711)
• Red Hat Enterprise Linux libreswan security update (RHSA-2020:2070) (CVE-2020-1763)
• Red Hat Enterprise Linux podman security update (RHSA-2020:2117) (CVE-2020-8945, CVE-2020-10696)
• Red Hat Enterprise Linux python-pip security update (RHSA-2020:2068) (CVE-2018-18074, CVE-2018-20060, CVE-2019-11236, CVE-2019-11324)
• Red Hat Enterprise Linux python-virtualenv security update (RHSA-2020:2081) (CVE-2018-18074, CVE-2018-20060, CVE-2019-11236)

Ubuntu

• Ubuntu APT vulnerability (USN-4359-1) (CVE-2020-3810)
• Ubuntu Bind vulnerabilities (USN-4365-1) (CVE-2020-8616, CVE-2020-8617)
• Ubuntu Dovecot vulnerabilities (USN-4361-1) (CVE-2020-10957, CVE-2020-10958, CVE-2020-10967)
• Ubuntu DPDK vulnerabilities (USN-4362-1) (CVE-2020-10722, CVE-2020-10723, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726)
• Ubuntu Exim vulnerability (USN-4366-1) (CVE-2020-12783)
• Ubuntu file regression (USN-3911-2) (CVE-2019-8904, CVE-2019-8905, CVE-2019-8906, CVE-2019-8907)
• Ubuntu Firefox regression (USN-4353-2) (CVE-2020-12387, CVE-2020-12390, CVE-2020-12391, CVE-2020-12392, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396, CVE-2020-6831)
• Ubuntu IPRoute vulnerability (USN-4357-1) (CVE-2019-20795)
• Ubuntu json-c regression (USN-4360-2) (CVE-2020-12762)
• Ubuntu json-c vulnerability (USN-4360-1) (CVE-2020-12762)
• Ubuntu libexif vulnerabilities (USN-4358-1) (CVE-2018-20030, CVE-2020-12767)
• Ubuntu libvirt vulnerabilities (USN-4371-1) (CVE-2020-10703, CVE-2020-12430)
• Ubuntu Linux kernel vulnerabilities (USN-4363-1) (CVE-2020-11494, CVE-2020-11565, CVE-2020-11669, CVE-2020-12657)
• Ubuntu Linux kernel vulnerabilities (USN-4364-1) (CVE-2019-19060, CVE-2020-10942, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668)
• Ubuntu Linux kernel vulnerabilities (USN-4367-1) (CVE-2019-19377, CVE-2020-11565, CVE-2020-12657, CVE-2020-12826)
• Ubuntu Linux kernel vulnerabilities (USN-4368-1) (CVE-2019-19769, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-11669, CVE-2020-12657)
• Ubuntu Linux kernel vulnerabilities (USN-4369-1) (CVE-2019-19377, CVE-2019-19769, CVE-2020-11494, CVE-2020-11565, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-12657, CVE-2020-12826)
• Ubuntu PulseAudio vulnerability (USN-4355-1) (CVE-2020-11931)
• Ubuntu QEMU vulnerabilities (USN-4372-1) (CVE-2019-15034, CVE-2019-20382, CVE-2020-10702, CVE-2020-11869, CVE-2020-1983)
• Ubuntu Squid vulnerabilities (USN-4356-1) (CVE-2019-12519, CVE-2019-12521, CVE-2019-18860, CVE-2020-11945)
• Ubuntu Thunderbird vulnerabilities (USN-4373-1) (CVE-2020-12387, CVE-2020-12392, CVE-2020-12395, CVE-2020-12397, CVE-2020-6831)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.