TrustKeeper Scan Engine Update – October 15, 2014

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. A highlight of the update is an additional check for the recently disclosed POODLE vulnerability in version 3 of the SSL protocol (CVE-2014-3566). This week's release also includes new tests for an additional 27 vulnerabilities.

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

XAMPP

• XAMPP ADONewConnection Buffer Overflow (CVE-2007-2079)
• XAMPP Cross Site Request Forgery in xamppsecurity.php (CVE-2008-6498)
• XAMPP Cross Site Scripting Vulnerabilities in iart.php and ming.php (CVE-2008-3569)
• XAMPP Cross Site Scripting Vulnerability in phonebook.php and other pages (CVE-2005-1077)
• XAMPP Directory Traversal and Code Injection Vulnerability (CVE-2005-2043)
• XAMPP lang.tmp Arbitrary File Write Vulnerability (CVE-2013-2586)
• XAMPP Multiple SQL Injection Vulnerabilities (CVE-2007-2080)
• XAMPP Multiple Unquoted Windows Search Path Vulnerabilities (CVE-2006-4994)
• XAMPP SERVER Superglobal Variable Spoofing (CVE-2008-6499)

Microsoft .NET Framework

• Vulnerability in .NET Framework Could Allow Denial of Service (MS14-053, CVE-2014-4072)

PostgreSQL

• PostgreSQL using LOAD with plugins can shut down backend server (CVE-2009-3229)
• PostgreSQL RESET SESSION AUTHORIZATION combined with ANALYZE allows privilege escalation (CVE-2009-3230)
• PostgreSQL authentication bypass with LDAP backend (CVE-2009-3231)
• PostgreSQL denial-of-service using client-specified localized error messages (CVE-2009-0922)
• PostgreSQL ANALYZE user defined function privilege escalation (CVE-2007-6600)
• PostgreSQL TCL regular expression back reference denial-of-service (CVE-2007-4769)
• PostgreSQL DBLink function privilege escalation (CVE-2007-6601)
• PostgreSQL search_path SECURITY DEFINER privilege escalation (CVE-2007-2138)
• PostgreSQL ALTER COLUMN TYPE denial-of-service and unauthorized memory access (CVE-2007-0556)
• PostgreSQL disable data type check denial-of-service and unauthorized memory access (CVE-2007-0555)
• PostgreSQL logging of protocol messages denial-of-service (CVE-2006-5542)
• PostgreSQL aggregates in UPDATE denial-of-service (CVE-2006-5540)
• PostgreSQL SQL injection quote escape bypass (CVE-2006-2314)
• PostgreSQL invalid multibyte encoding SQL injection bypass (CVE-2006-2313)
• PostgreSQL ANYARRAY coercion denial-of-service (CVE-2006-5541)

FreeBSD

• FreeBSD mmap Local User Privilege Escalation (FreeBSD-SA-13:06.mmap) (CVE-2013-2171)

SSL Protocol

• SSLv3 Supported (CVE-2014-3566)

How to Update?

All Trustwave customers using the TrustKeeper scan engine receive the updates automatically as soon as an update is available. No action is required.