Rule Update
20-026 (02 junho 2020)
Data de publicação: 02 junho 2020
Descrição
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1001852* - Identified Attempt To Brute Force Windows Login Credentials (ATT&CK T1110)
Directory Server LDAP
1010301 - Samba LDAP Server Denial Of Service Vulnerability (CVE-2020-10704)
FTP Server Common
1010229* - uftpd FTP Server PORT Command Handling Stack Buffer Overflow Vulnerability (CVE-2020-5204)
1010137* - uftpd FTP Server compose_path Directory Traversal Vulnerability (CVE-2020-5221)
SSL/TLS Server
1010258* - Microsoft Windows Transport Layer Security Denial of Service Vulnerability (CVE-2020-1118) - Server
Web Application Common
1010210* - Identified Default Credentials Usage In Sonatype Nexus Repository Manager
1010222 - Jenkins Authenticated Remote Command Execution Vulnerability (CVE-2019-10392)
1010282 - Sonatype Nexus Repository Manager Java EL Injection Remote Code Execution Vulnerability (CVE-2020-10199)
Web Client HTTPS
1010290 - Microsoft Windows Transport Layer Security Denial Of Service Vulnerability (CVE-2020-1118) - Client
Web Client Internet Explorer/Edge
1010133* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674)
Web Proxy Squid
1010295 - Squid Proxy X.509 Certificate Cross Site Scripting Vulnerability (CVE-2018-19131)
Web Server Common
1010268* - Apache OFBiz 'serviceContext' XStream Insecure Deserialization Vulnerability (CVE-2019-0189)
1010302 - Apache OFBiz Cross-Site Request Forgery Vulnerability (CVE-2019-0235)
1000128* - HTTP Protocol Decoding
1010294* - Symantec Web Gateway Postauth Command Injection Vulnerability
Web Server Miscellaneous
1008527* - Nginx ngx_http_range_filter_module Integer Overflow Vulnerability (CVE-2017-7529)
Web Server Oracle
1010253* - Oracle WebLogic Server T3 Protocol Deserialization Of Untrusted Data Vulnerability (CVE-2020-2883)
Zoho ManageEngine DataSecurity Plus XNode server
1010297 - Zoho ManageEngine DataSecurity Plus Authentication Bypass Vulnerability (CVE-2020-11532)
1010298 - Zoho ManageEngine DataSecurity Plus Directory Traversal Vulnerability (CVE-2020-11531)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
Deep Packet Inspection Rules:
DCERPC Services
1001852* - Identified Attempt To Brute Force Windows Login Credentials (ATT&CK T1110)
Directory Server LDAP
1010301 - Samba LDAP Server Denial Of Service Vulnerability (CVE-2020-10704)
FTP Server Common
1010229* - uftpd FTP Server PORT Command Handling Stack Buffer Overflow Vulnerability (CVE-2020-5204)
1010137* - uftpd FTP Server compose_path Directory Traversal Vulnerability (CVE-2020-5221)
SSL/TLS Server
1010258* - Microsoft Windows Transport Layer Security Denial of Service Vulnerability (CVE-2020-1118) - Server
Web Application Common
1010210* - Identified Default Credentials Usage In Sonatype Nexus Repository Manager
1010222 - Jenkins Authenticated Remote Command Execution Vulnerability (CVE-2019-10392)
1010282 - Sonatype Nexus Repository Manager Java EL Injection Remote Code Execution Vulnerability (CVE-2020-10199)
Web Client HTTPS
1010290 - Microsoft Windows Transport Layer Security Denial Of Service Vulnerability (CVE-2020-1118) - Client
Web Client Internet Explorer/Edge
1010133* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674)
Web Proxy Squid
1010295 - Squid Proxy X.509 Certificate Cross Site Scripting Vulnerability (CVE-2018-19131)
Web Server Common
1010268* - Apache OFBiz 'serviceContext' XStream Insecure Deserialization Vulnerability (CVE-2019-0189)
1010302 - Apache OFBiz Cross-Site Request Forgery Vulnerability (CVE-2019-0235)
1000128* - HTTP Protocol Decoding
1010294* - Symantec Web Gateway Postauth Command Injection Vulnerability
Web Server Miscellaneous
1008527* - Nginx ngx_http_range_filter_module Integer Overflow Vulnerability (CVE-2017-7529)
Web Server Oracle
1010253* - Oracle WebLogic Server T3 Protocol Deserialization Of Untrusted Data Vulnerability (CVE-2020-2883)
Zoho ManageEngine DataSecurity Plus XNode server
1010297 - Zoho ManageEngine DataSecurity Plus Authentication Bypass Vulnerability (CVE-2020-11532)
1010298 - Zoho ManageEngine DataSecurity Plus Directory Traversal Vulnerability (CVE-2020-11531)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3