Rule Update
20-029 (23 giugno 2020)
Publish Date: 23 giugno 2020
Descrizione
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Directory Server LDAP
1010321* - OpenLDAP slapd Nested Filter Stack Overflow Vulnerability (CVE-2020-12243)
Docker Daemon
1010326 - Identified Docker Daemon Remote API Call
IBM WebSphere Application Server
1010343 - IBM WebSphere UploadFileArgument Deserialization Vulnerability (CVE-2020-4448)
IBM WebSphere Application Server IIOP protocol
1010348 - IBM WebSphere Application Server IIOP Deserialization Vulnerabilities (CVE-2020-4449 and CVE-2020-4450)
Oracle E-Business Suite Web Interface
1010325 - Oracle E-Business Suite Advanced Outbound Telephony Calendar Cross Site Scripting Vulnerability (CVE-2020-2852)
Suspicious Client Application Activity
1010327 - Identified Potential Malicious Client Traffic
Suspicious Server Application Activity
1010328 - Identified Potential Malicious Server Traffic
Web Application Common
1010339 - Netty HTTP Request Smuggling Vulnerability (CVE-2019-20444)
Web Application PHP Based
1010338 - PHP-Fusion Administration Banner Stored Cross-Site Scripting Vulnerability (CVE-2020-12438)
Web Client Common
1010333 - Microsoft Windows .NET Core Remote Code Execution Vulnerability (CVE-2020-0605)
Web Server Common
1010322 - Oracle Business Intelligence AMF Deserialization Remote Code Execution Vulnerability (CVE-2020-2950)
1010351 - vBulletin Improper Access Control Vulnerability (CVE-2020-12720)
Web Server Miscellaneous
1010347 - Eclipse Jetty Chunk Length Parsing Integer Overflow Vulnerability (CVE-2017-7657)
1010346 - Eclipse Jetty HTTP/0.9 Handler Request Smuggling Vulnerability (CVE-2017-7656)
Windows SMB Client
1006994* - Executable File Download On Network Share Detected
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002831* - Unix - Syslog
Deep Packet Inspection Rules:
Directory Server LDAP
1010321* - OpenLDAP slapd Nested Filter Stack Overflow Vulnerability (CVE-2020-12243)
Docker Daemon
1010326 - Identified Docker Daemon Remote API Call
IBM WebSphere Application Server
1010343 - IBM WebSphere UploadFileArgument Deserialization Vulnerability (CVE-2020-4448)
IBM WebSphere Application Server IIOP protocol
1010348 - IBM WebSphere Application Server IIOP Deserialization Vulnerabilities (CVE-2020-4449 and CVE-2020-4450)
Oracle E-Business Suite Web Interface
1010325 - Oracle E-Business Suite Advanced Outbound Telephony Calendar Cross Site Scripting Vulnerability (CVE-2020-2852)
Suspicious Client Application Activity
1010327 - Identified Potential Malicious Client Traffic
Suspicious Server Application Activity
1010328 - Identified Potential Malicious Server Traffic
Web Application Common
1010339 - Netty HTTP Request Smuggling Vulnerability (CVE-2019-20444)
Web Application PHP Based
1010338 - PHP-Fusion Administration Banner Stored Cross-Site Scripting Vulnerability (CVE-2020-12438)
Web Client Common
1010333 - Microsoft Windows .NET Core Remote Code Execution Vulnerability (CVE-2020-0605)
Web Server Common
1010322 - Oracle Business Intelligence AMF Deserialization Remote Code Execution Vulnerability (CVE-2020-2950)
1010351 - vBulletin Improper Access Control Vulnerability (CVE-2020-12720)
Web Server Miscellaneous
1010347 - Eclipse Jetty Chunk Length Parsing Integer Overflow Vulnerability (CVE-2017-7657)
1010346 - Eclipse Jetty HTTP/0.9 Handler Request Smuggling Vulnerability (CVE-2017-7656)
Windows SMB Client
1006994* - Executable File Download On Network Share Detected
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002831* - Unix - Syslog