ruleUpdate
23-046 (24 octobre 2023)
Publish Date: 24 octobre 2023
Description
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Ivanti Avalanche
1011871 - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2023-32567)
Port Mapper Windows
1001033* - Windows Port Mapper Decoder
Unix Samba
1011796* - Linux Kernel KSMBD Denial of Service Vulnerability (CVE-2023-32247)
Web Server HTTPS
1011876 - Progress WS_FTP Server Insecure Deserialization Vulnerability (CVE-2023-40044)
Windows Services RPC Server DCERPC
1010539* - Identified NTLM Brute Force Attempt (ZeroLogon) (CVE-2020-1472)
1010519* - Netlogon Elevation Of Privilege Vulnerability (Zerologon) (CVE-2020-1472)
Zoho ManageEngine AssetExplorer_SupportCenter Plus_ADManager Plus
1011879 - Zoho ManageEngine ADManager Plus Directory Traversal Vulnerability (CVE-2023-39912)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Ivanti Avalanche
1011871 - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2023-32567)
Port Mapper Windows
1001033* - Windows Port Mapper Decoder
Unix Samba
1011796* - Linux Kernel KSMBD Denial of Service Vulnerability (CVE-2023-32247)
Web Server HTTPS
1011876 - Progress WS_FTP Server Insecure Deserialization Vulnerability (CVE-2023-40044)
Windows Services RPC Server DCERPC
1010539* - Identified NTLM Brute Force Attempt (ZeroLogon) (CVE-2020-1472)
1010519* - Netlogon Elevation Of Privilege Vulnerability (Zerologon) (CVE-2020-1472)
Zoho ManageEngine AssetExplorer_SupportCenter Plus_ADManager Plus
1011879 - Zoho ManageEngine ADManager Plus Directory Traversal Vulnerability (CVE-2023-39912)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.