Rule Update
23-037 (August 29, 2023)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Mail Server Common
1011847 - Identified Img Over SMTP With Base64 Encoding (ATT&CK T1071.003)
Unix Samba
1011797* - Samba Out-Of-Bounds Read Information Disclosure Vulnerability (CVE-2022-32742)
Web Server Adobe ColdFusion
1011819 - Adobe ColdFusion Authentication Bypass Vulnerability (CVE-2023-29301)
1011820 - Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-29298)
Web Server HTTPS
1011788* - SNIProxy Stack Buffer Overflow Vulnerability (CVE-2023-25076)
1011842 - Zabbix Cross-Site Scripting Vulnerability (CVE-2023-29452)
Web Server Miscellaneous
1011844 - Atlassian Jira and Jira Service Desk 'Stagil Navigation Menus and Themes' Plugin Directory Traversal Vulnerability (CVE-2023-26255 and CVE-2023-26256)
1011827* - XWiki Cross-Site Scripting Vulnerability (CVE-2023-32071)
Integrity Monitoring Rules:
1011848 - Linux/Unix - Apache Web Server Root Documents Files Modified (ATT&CK T1189)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Mail Server Common
1011847 - Identified Img Over SMTP With Base64 Encoding (ATT&CK T1071.003)
Unix Samba
1011797* - Samba Out-Of-Bounds Read Information Disclosure Vulnerability (CVE-2022-32742)
Web Server Adobe ColdFusion
1011819 - Adobe ColdFusion Authentication Bypass Vulnerability (CVE-2023-29301)
1011820 - Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-29298)
Web Server HTTPS
1011788* - SNIProxy Stack Buffer Overflow Vulnerability (CVE-2023-25076)
1011842 - Zabbix Cross-Site Scripting Vulnerability (CVE-2023-29452)
Web Server Miscellaneous
1011844 - Atlassian Jira and Jira Service Desk 'Stagil Navigation Menus and Themes' Plugin Directory Traversal Vulnerability (CVE-2023-26255 and CVE-2023-26256)
1011827* - XWiki Cross-Site Scripting Vulnerability (CVE-2023-32071)
Integrity Monitoring Rules:
1011848 - Linux/Unix - Apache Web Server Root Documents Files Modified (ATT&CK T1189)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.