Rule Update

19-053 (October 22, 2019)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1010025* - Microsoft Windows NTLM Tampering Vulnerability (CVE-2019-1166)


HP Intelligent Management Center Dbman
1010022 - HPE Intelligent Management Center Information Disclosure Vulnerability (CVE-2019-5392)


Mail Server Over SSL/TLS
1010010* - Exim Remote Code Execution Vulnerability (CVE-2019-16928)


Redis Server
1009967* - Redis Unauthenticated Code Execution Vulnerability


SolarWinds Dameware Mini Remote Control
1009999* - SolarWinds DameWare Mini Remote Control CltDHPubKeyLen Out Of Bounds Read Vulnerability (CVE-2019-3956)
1010005* - SolarWinds DameWare Mini Remote Control RsaSignatureLen Out Of Bounds Read Vulnerability (CVE-2019-3957)


Web Application Common
1010023 - October CMS Upload Protection Bypass Code Execution Vulnerability (CVE-2017-1000119)
1010035 - PHP EXIF Uninitialized Read Vulnerability (CVE-2019-9640)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.