TrustKeeper Scan Engine Update – March 23, 2015

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available.

This week we've added 13 new vulnerability checks, all of which are associated with the widely anticipated March 19th OpenSSL advisory.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

OpenSSL

• OpenSSL X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)
• OpenSSL Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
• OpenSSL Handshake with unseeded PRNG (CVE-2015-0285)
• OpenSSL Empty CKE with client auth and DHE (CVE-2015-1787)
• OpenSSL DoS via reachable assert in SSLv2 servers (CVE-2015-0293)
• OpenSSL Base64 decode (CVE-2015-0292)
• OpenSSL PKCS7 NULL pointer dereferences (CVE-2015-0289)
• OpenSSL ASN.1 structure reuse memory corruption (CVE-2015-0287)
• OpenSSL Segmentation fault for invalid PSS parameters (CVE-2015-0208)
• OpenSSL Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
• OpenSSL Segmentation fault in DTLSv1_listen (CVE-2015-0207)
• OpenSSL Multiblock corrupted pointer (CVE-2015-0290)
• OpenSSL 1.0.2 ClientHello sigalgs DoS (CVE-2015-0291)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.