Rule Update
19-058 (26 November 2019)
Publish Date: 26 November 2019
Description
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1010025* - Microsoft Windows NTLM Tampering Vulnerability (CVE-2019-1166)
HP Intelligent Management Center (IMC)
1010042* - HPE Intelligent Management Center AMF3 Externalizable Deserialization (CVE-2019-11944)
HP Intelligent Management Center Dbman
1010022* - HPE Intelligent Management Center Information Disclosure Vulnerability (CVE-2019-5392)
Solr Service
1010063 - Apache Solr 'Velocity Template' Command Injection Vulnerability (CNVD-2019-38290)
1010038 - Apache Solr DataImportHandler Remote Code Execution Vulnerability (CVE-2019-0193)
Trend Micro OfficeScan
1010041* - Trend Micro ApexOne And OfficeScan Directory Traversal Vulnerability (CVE-2019-18189)
1010040* - Trend Micro ApexOne Command Injection Vulnerability (CVE-2019-18188)
1010039* - Trend Micro OfficeScan Directory Traversal Vulnerability (CVE-2019-18187)
Web Application Common
1005933* - Identified Directory Traversal Sequence In Uri Query Parameter
1007170* - Identified Suspicious China Chopper Webshell Communication (ATT&CK T1100)
1009496* - Microsoft Exchange Server Multiple Elevation Of Privilege Vulnerabilities
1010023* - October CMS Upload Protection Bypass Code Execution Vulnerability (CVE-2017-1000119)
1010035* - PHP EXIF Uninitialized Read Vulnerability (CVE-2019-9640)
1010037* - PHP Out Of Bounds Read Vulnerability (CVE-2018-20783)
1010036* - SDCMS Remote Code Execution Vulnerability (CVE-2018-19520)
1010046* - rConfig Remote Command Execution Vulnerability (CVE-2019-16662)
1010047* - rConfig Remote Command Execution Vulnerability (CVE-2019-16663)
Web Application PHP Based
1010065 - PHP EXIF Uninitialized Read Vulnerabilities (CVE-2019-9638 and CVE-2019-9639)
1010064 - PHP Exif Heap Buffer Overflow Vulnerability (CVE-2019-11040)
Web Client Common
1010066 - Oracle Database ODBC Driver Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2019-2799)
Web Server HTTPS
1010049* - Apache Traffic Server HTTP/2 Denial Of Service Vulnerability (CVE-2019-9515)
Web Server Oracle
1010045 - Oracle Event Processing Arbitrary File Upload Vulnerability (CVE-2014-2424)
Webmin
1010043* - Webmin Unauthenticated Remote Code Execution Vulnerability (CVE-2019-15107)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.