Summary
The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!
New Vulnerability Test Highlights
Some of the more interesting vulnerability tests we added recently are as follows:
Atlassian Jira
VMware ESXi
Netgear
- Netgear Device Web GUI Password Recovery and Exposure (CVE-2017-5521)
Squid
- Squid HTTP Digest Authentication Information Disclosure Vulnerability (SQUID-2019:11) (CVE-2019-18679)
- Squid HTTP message processing HTTP Request Splitting Vulnerability (SQUID-2019:10) (CVE-2019-18678)
- Squid HTTP Request processing Cross-Site Request Forgery Vulnerability (SQUID-2019:9) (CVE-2019-18677)
- Squid URI processing Multiple Vulnerabilities (SQUID-2019:8) (CVE-2019-18676, CVE-2019-12523)
- Squid URN processing Heap Overflow Vulnerability (SQUID-2019:7) (CVE-2019-12526)
ISC BIND
Joomla
- Joomla com_template Cross-Site Request Forgery (20191001) (CVE-2019-18650)
- Joomla Path Disclosure in Phpuft8 Mapping Files Vulnerability (20191002) (CVE-2019-18674)
Microsoft
- Microsoft Exchange Server Remote Code Execution Vulnerability (2019-Nov) (CVE-2019-1373)
ProFTPD
Samba
- Samba AD DC Broken Password Complexity Vulnerability (CVE-2019-14833)
- Samba AD DC LDAP Server Get Changes Denial of Service Vulnerability (CVE-2019-14847)
- Samba libsmbclient Filename Input Validation Vulnerability (CVE-2019-10218)
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.