Rule Update
21-031 (July 6, 2021)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Directory Server LDAP
1011008* - OpenLDAP Integer Underflow Vulnerability (CVE-2020-36221)
Oracle E-Business Suite Web Interface
1010999* - Oracle E-Business Suite Denial Of Service Vulnerability (CVE-2021-2189)
1011019 - Oracle E-Business Suite Denial Of Service Vulnerability (CVE-2021-2190)
Port Mapper Windows
1001033* - Windows Port Mapper Decoder
Web Application Common
1005934* - Identified Suspicious Command Injection Attack
Web Application PHP Based
1010982* - WordPress 'wpDiscuz' Plugin Remote Code Execution Vulnerability (CVE-2020-24186)
Web Server Apache
1010997* - Apache Pulsar JSON Web Token Authentication Bypass Vulnerability Over HTTP (CVE-2021-22160)
Web Server HTTPS
1011015* - WordPress 'Poll, Survey, Questionnaire and Voting system' Plugin Blind SQL Injection Vulnerability
Windows SMB Server
1011018* - Identified DCERPC AddPrinterDriverEx Call Over SMB Protocol
Windows Services RPC Server DCERPC
1011016* - Identified DCERPC AddPrinterDriverEx Call Over TCP Protocol
Zoho ManageEngine
1011020 - Zoho ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability
1011012* - Zoho ManageEngine Applications Manager URL Monitor SQL Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Directory Server LDAP
1011008* - OpenLDAP Integer Underflow Vulnerability (CVE-2020-36221)
Oracle E-Business Suite Web Interface
1010999* - Oracle E-Business Suite Denial Of Service Vulnerability (CVE-2021-2189)
1011019 - Oracle E-Business Suite Denial Of Service Vulnerability (CVE-2021-2190)
Port Mapper Windows
1001033* - Windows Port Mapper Decoder
Web Application Common
1005934* - Identified Suspicious Command Injection Attack
Web Application PHP Based
1010982* - WordPress 'wpDiscuz' Plugin Remote Code Execution Vulnerability (CVE-2020-24186)
Web Server Apache
1010997* - Apache Pulsar JSON Web Token Authentication Bypass Vulnerability Over HTTP (CVE-2021-22160)
Web Server HTTPS
1011015* - WordPress 'Poll, Survey, Questionnaire and Voting system' Plugin Blind SQL Injection Vulnerability
Windows SMB Server
1011018* - Identified DCERPC AddPrinterDriverEx Call Over SMB Protocol
Windows Services RPC Server DCERPC
1011016* - Identified DCERPC AddPrinterDriverEx Call Over TCP Protocol
Zoho ManageEngine
1011020 - Zoho ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability
1011012* - Zoho ManageEngine Applications Manager URL Monitor SQL Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.