Rule Update

21-021 (May 4, 2021)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1010532 - Identified Remote Operating System Discovery Over SMB Via Nmap Scripting Engine


Directory Server LDAP
1010895* - OpenLDAP Slapd CancelRequest Denial Of Service Vulnerability (CVE-2020-36227)


Netatalk DSI
1010921 - Netatalk Out-of-Bounds Write Remote Code Execution Vulnerability (CVE-2018-1160)


Web Application Common
1010918* - Nagios XI Remote Code Execution Vulnerability (CVE-2020-35578)


Web Application PHP Based
1010931 - GetSimple CMS Cross Site Scripting Vulnerability (CVE-2020-23839)


Web Client Common
1010765* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-09) - 2
1010906 - LibTIFF Tiff2pdf Converter Out Of Bounds Read Vulnerability
1010932 - XStream Library Arbitrary Code Execution Vulnerability (CVE-2021-21344)
1010929 - XStream Library Arbitrary Code Execution Vulnerability (CVE-2021-21346)
1010933 - XStream Library Arbitrary Code Execution Vulnerability (CVE-2021-21347)
1010923 - XStream Library Arbitrary Code Execution Vulnerability (CVE-2021-21350)
1010920 - XStream Library Arbitrary File Deletion Vulnerability (CVE-2020-26259)
1010936 - XStream Library Arbitrary File Deletion Vulnerability (CVE-2021-21343)
1010938 - XStream Library Denial Of Service Vulnerability (CVE-2021-21341)
1010930 - XStream Library Remote Command Execution Vulnerability (CVE-2021-21345)
1010937 - XStream Library SSRF Vulnerability (CVE-2021-21342)
1010939 - XStream Library SSRF Vulnerability (CVE-2021-21349)


Web Server Common
1010890 - HPE Systems Insight Manager AMF Deserialization of Untrusted Data Vulnerability (CVE-2020-7200)


Web Server Miscellaneous
1010916* - Atlassian Jira Information Disclosure Vulnerability (CVE-2019-3403)
1010893* - Jenkins 'Repository Connector' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21618)
1008763* - Red Hat JBoss Application Server 'doFilter' Insecure Deserialization Vulnerability (CVE-2017-12149)


Web Server Oracle
1010926 - Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Vulnerability (CVE-2021-2211)


Zoho ManageEngine
1010903* - Zoho ManageEngine Applications Manager Custom Monitor Type SQL Injection Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.