Rule Update
20-054 (27 ottobre 2020)
Publish Date: 27 ottobre 2020
Descrizione
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Asterisk Manager Interface
1010300* - Identified Asterisk 'Originate' Action With 'Originate' Application System Command Execution
DNS Server
1010577 - ISC BIND TSIG Authentication Bypass Vulnerability (CVE-2017-3143)
Microsoft Office
1010526 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-1594)
Web Application Common
1010543 - GNUBoard 'ajax.autosave.php' SQL Injection Vulnerability (CVE-2014-2339)
1010542 - GNUBoard 'tb.php' SQL Injection Vulnerability (CVE-2011-4066)
1010545 - GNUBoard Local File Inclusion Vulnerability (EDB-ID-7927)
1010546 - GNUBoard Local/Remote File Inclusion Vulnerability (CVE-2009-0290)
1010547 - GNUBoard Remote Code Execution Vulnerability (KVE-2018-0449 and KVE-2018-0441)
1010544 - GNUBoard SQL Injection Vulnerability (EDB-ID-7927)
1010557* - Yaws Web Server Command Injection Vulnerability (CVE-2020-24916)
Web Application PHP Based
1009544* - WordPress Image Remote Code Execution Vulnerability (CVE-2019-8942)
Web Client Common
1010583 - Google Chrome CSP Bypass Vulnerability (CVE-2020-6519)
1010584 - Google Chrome FreeType Font File Buffer Overflow Vulnerability (CVE-2020-15999)
1010574 - Google Chrome Heap Corruption Vulnerability (CVE-2020-6514)
1010576 - Google Chrome Type Confusion Vulnerability (CVE-2020-6468)
1009483* - Linux APT Remote Code Execution Vulnerability (CVE-2019-3462)
Web Server Common
1010578 - MobileIron MDM Remote Code Execution Vulnerability (CVE-2020-15505)
1010560 - Yaws Web Server XML External Entity Injection Vulnerability (CVE-2020-24379)
Web Server Oracle
1010253* - Oracle WebLogic Server T3 Protocol Deserialization Of Untrusted Data Vulnerability (CVE-2020-2883)
Web Server SharePoint
1010573* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2020-16952)
Zoho ManageEngine
1010563 - Zoho ManageEngine Applications Manager Arbitrary File Upload Vulnerability (CVE-2020-14008)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Asterisk Manager Interface
1010300* - Identified Asterisk 'Originate' Action With 'Originate' Application System Command Execution
DNS Server
1010577 - ISC BIND TSIG Authentication Bypass Vulnerability (CVE-2017-3143)
Microsoft Office
1010526 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-1594)
Web Application Common
1010543 - GNUBoard 'ajax.autosave.php' SQL Injection Vulnerability (CVE-2014-2339)
1010542 - GNUBoard 'tb.php' SQL Injection Vulnerability (CVE-2011-4066)
1010545 - GNUBoard Local File Inclusion Vulnerability (EDB-ID-7927)
1010546 - GNUBoard Local/Remote File Inclusion Vulnerability (CVE-2009-0290)
1010547 - GNUBoard Remote Code Execution Vulnerability (KVE-2018-0449 and KVE-2018-0441)
1010544 - GNUBoard SQL Injection Vulnerability (EDB-ID-7927)
1010557* - Yaws Web Server Command Injection Vulnerability (CVE-2020-24916)
Web Application PHP Based
1009544* - WordPress Image Remote Code Execution Vulnerability (CVE-2019-8942)
Web Client Common
1010583 - Google Chrome CSP Bypass Vulnerability (CVE-2020-6519)
1010584 - Google Chrome FreeType Font File Buffer Overflow Vulnerability (CVE-2020-15999)
1010574 - Google Chrome Heap Corruption Vulnerability (CVE-2020-6514)
1010576 - Google Chrome Type Confusion Vulnerability (CVE-2020-6468)
1009483* - Linux APT Remote Code Execution Vulnerability (CVE-2019-3462)
Web Server Common
1010578 - MobileIron MDM Remote Code Execution Vulnerability (CVE-2020-15505)
1010560 - Yaws Web Server XML External Entity Injection Vulnerability (CVE-2020-24379)
Web Server Oracle
1010253* - Oracle WebLogic Server T3 Protocol Deserialization Of Untrusted Data Vulnerability (CVE-2020-2883)
Web Server SharePoint
1010573* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2020-16952)
Zoho ManageEngine
1010563 - Zoho ManageEngine Applications Manager Arbitrary File Upload Vulnerability (CVE-2020-14008)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.