Collaborate Disseminate
Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the mor… Continue reading TrustKeeper Scan Engine Update for November 02, 2016
The November Patch Tuesday is here and it’s a big one with 14 bulletins covering 68 unique CVEs. Despite the large volume of patches, this patch cycle still promises to be less painful than Election Day here in the USA….
Continue reading Microsoft Patch Tuesday, November 2016
Trustwave recently discovered a remotely exploitable issue in all current versions of “B Labs” Bopup Communications Server. The issues were discovered and confirmed to exist in version 4.5.1.12872 as detailed in the recently posted Trustwave advisory. … Continue reading Bopup Communications Server Remote Buffer Overflow Vulnerability
Trustwave recently discovered a remotely exploitable issue in all current versions of “B Labs” Bopup Communications Server. The issues were discovered and confirmed to exist in version 4.5.1.12872 as detailed in the recently posted Trustwave advisory. … Continue reading Bopup Communications Server Remote Buffer Overflow Vulnerability
This vulnerability was introduced in SAP Adaptive Server Enterprise 16.0 SP02 PL03: prior versions of 16.0 are not vulnerable. The DBCC command import_sproc is internal to the server and is not intended to be called by users. However any database…
Continue reading About SAP Adaptive Server Enterprise dbcc import_sproc SQL injection vulnerability (CVE-2016-7402)
This vulnerability was introduced in SAP Adaptive Server Enterprise 16.0 SP02 PL03: prior versions of 16.0 are not vulnerable. The DBCC command import_sproc is internal to the server and is not intended to be called by users. However any database…
Continue reading About SAP Adaptive Server Enterprise dbcc import_sproc SQL injection vulnerability (CVE-2016-7402)
This month’s update for Database Security Knowledgebase is now available. Knowledgebase version 5.06 includes new and updated checks for IBMDB2 LUW, Microsoft SQL Server and SAP (Sybase) ASE. New Vulnerability and Configuration Check Highlights IBMDB2 … Continue reading Database Security Knowledgebase Update 5.06
This month’s update for Database Security Knowledgebase is now available. Knowledgebase version 5.06 includes new and updated checks for IBMDB2 LUW, Microsoft SQL Server and SAP (Sybase) ASE. New Vulnerability and Configuration Check Highlights IBMDB2 … Continue reading Database Security Knowledgebase Update 5.06
The OWASP Core Rule Set (CRS) is an Open Source project run by the Open Web Application Security Project (OWASP) and is frequently paired with the Open Source ModSecurity project. As part of Trustwave’s commitment to ModSecurity, the Spiderlabs Web…
Continue reading OWASP ModSecurity CRS Version 3.0 RC2 Released
The OWASP Core Rule Set (CRS) is an Open Source project run by the Open Web Application Security Project (OWASP) and is frequently paired with the Open Source ModSecurity project. As part of Trustwave’s commitment to ModSecurity, the Spiderlabs Web…
Continue reading OWASP ModSecurity CRS Version 3.0 RC2 Released