ruleUpdate
20-024 (19 de maja de 2020)
Publish Date: 19 de maja de 2020
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
OpenSSL
1010280 - OpenSSL SSL_check_chain NULL Pointer Dereference Vulnerability (CVE-2020-1967) - Server
Oracle E-Business Suite Web Interface
1010251* - Oracle E-Business Suite Human Resources SQL Injection Vulnerability (CVE-2020-2882 and CVE-2020-2956)
SSL/TLS Server
1010258* - Microsoft Windows Transport Layer Security Denial of Service Vulnerability (CVE-2020-1118) - Server
SolarWinds Dameware Mini Remote Control
1010269 - SolarWinds DameWare 'SigPubkeyLen' Heap Buffer Overflow Vulnerability (CVE-2020-5734)
Telnet Server
1010241* - netkit telnetd Buffer Overflow Vulnerability (CVE-2020-10188)
Trend Micro OfficeScan
1010181* - Trend Micro Apex One And OfficeScan Server Directory Traversal Vulnerability (CVE-2020-8599)
Web Application Common
1010260 - Electron nodeIntegration Security Bypass Remote Code Execution Vulnerability (CVE-2018-1000136)
Web Application PHP Based
1010236* - PHP 'php_wddx_process_data' Function Illegal Memory Access Vulnerability (CVE-2016-7129)
1010247* - PHP 'simplestring_addn' Function Out Of Bounds Write Vulnerability (CVE-2016-6296)
1010250* - PHP 'spl_ptr_heap_insert' Function Use After Free Vulnerability (CVE-2015-4116)
1010246* - PHP WDDX Deserialization Use After Free Vulnerability (CVE-2016-3141)
1010281 - Rank Math Wordpress SEO Plugin 'updateMeta' Privilege Escalation Vulnerability (CVE-2020-11514)
Web Client Common
1010193* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB20-13)
1010279 - Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2020-0987)
1010273 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1051)
1010274 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1174)
1010278 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1175)
1010276 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1176)
1010271 - Microsoft Windows Media Foundation Memory Corruption Vulnerabilities (CVE-2020-1028 and CVE-2020-1126)
1010272 - Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2020-1150)
1010207* - Microsoft Windows Multiple Type1 Font Parsing Remote Code Execution Vulnerabilities (CVE-2020-1020 and CVE-2020-0938)
Web Client Internet Explorer/Edge
1010270 - Microsoft Edge PDF Remote Code Execution Vulnerability (CVE-2020-1096)
1010254* - Microsoft Internet Explorer JScript Remote Code Execution Vulnerability (CVE-2020-1062)
Web Server Common
1010235* - Cisco Data Center Network Manager 'createLanFabric' Command Injection Vulnerability (CVE-2019-15978)
1010243* - Cisco Data Center Network Manager 'importTS' Command Injection Vulnerability (CVE-2019-15979)
1010169* - Cisco Data Center Network Manager REST API Authentication Bypass Vulnerability (CVE-2019-15975)
1010173* - Cisco Data Center Network Manager REST API SQL Injection Vulnerability (CVE-2019-15984)
1010264 - dotCMS CMSFilter Improper Access Control RCE Vulnerability (CVE-2020-6754)
Web Server Oracle
1010242* - Oracle WebLogic Server Insecure Deserialization Vulnerability (CVE-2020-2798)
1010253* - Oracle WebLogic Server T3 Protocol Deserialization Of Untrusted Data Vulnerability (CVE-2020-2883)
1010275 - Oracle WebLogic Server T3 Protocol Insecure Deserialization Vulnerability (CVE-2020-2963)
Web Server SharePoint
1010277 - Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-1102)
ZeroMQ Message Transport Protocol (ZMTP)
1010267* - SaltStack Salt Directory Traversal Vulnerability (CVE-2020-11652)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
OpenSSL
1010280 - OpenSSL SSL_check_chain NULL Pointer Dereference Vulnerability (CVE-2020-1967) - Server
Oracle E-Business Suite Web Interface
1010251* - Oracle E-Business Suite Human Resources SQL Injection Vulnerability (CVE-2020-2882 and CVE-2020-2956)
SSL/TLS Server
1010258* - Microsoft Windows Transport Layer Security Denial of Service Vulnerability (CVE-2020-1118) - Server
SolarWinds Dameware Mini Remote Control
1010269 - SolarWinds DameWare 'SigPubkeyLen' Heap Buffer Overflow Vulnerability (CVE-2020-5734)
Telnet Server
1010241* - netkit telnetd Buffer Overflow Vulnerability (CVE-2020-10188)
Trend Micro OfficeScan
1010181* - Trend Micro Apex One And OfficeScan Server Directory Traversal Vulnerability (CVE-2020-8599)
Web Application Common
1010260 - Electron nodeIntegration Security Bypass Remote Code Execution Vulnerability (CVE-2018-1000136)
Web Application PHP Based
1010236* - PHP 'php_wddx_process_data' Function Illegal Memory Access Vulnerability (CVE-2016-7129)
1010247* - PHP 'simplestring_addn' Function Out Of Bounds Write Vulnerability (CVE-2016-6296)
1010250* - PHP 'spl_ptr_heap_insert' Function Use After Free Vulnerability (CVE-2015-4116)
1010246* - PHP WDDX Deserialization Use After Free Vulnerability (CVE-2016-3141)
1010281 - Rank Math Wordpress SEO Plugin 'updateMeta' Privilege Escalation Vulnerability (CVE-2020-11514)
Web Client Common
1010193* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB20-13)
1010279 - Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2020-0987)
1010273 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1051)
1010274 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1174)
1010278 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1175)
1010276 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1176)
1010271 - Microsoft Windows Media Foundation Memory Corruption Vulnerabilities (CVE-2020-1028 and CVE-2020-1126)
1010272 - Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2020-1150)
1010207* - Microsoft Windows Multiple Type1 Font Parsing Remote Code Execution Vulnerabilities (CVE-2020-1020 and CVE-2020-0938)
Web Client Internet Explorer/Edge
1010270 - Microsoft Edge PDF Remote Code Execution Vulnerability (CVE-2020-1096)
1010254* - Microsoft Internet Explorer JScript Remote Code Execution Vulnerability (CVE-2020-1062)
Web Server Common
1010235* - Cisco Data Center Network Manager 'createLanFabric' Command Injection Vulnerability (CVE-2019-15978)
1010243* - Cisco Data Center Network Manager 'importTS' Command Injection Vulnerability (CVE-2019-15979)
1010169* - Cisco Data Center Network Manager REST API Authentication Bypass Vulnerability (CVE-2019-15975)
1010173* - Cisco Data Center Network Manager REST API SQL Injection Vulnerability (CVE-2019-15984)
1010264 - dotCMS CMSFilter Improper Access Control RCE Vulnerability (CVE-2020-6754)
Web Server Oracle
1010242* - Oracle WebLogic Server Insecure Deserialization Vulnerability (CVE-2020-2798)
1010253* - Oracle WebLogic Server T3 Protocol Deserialization Of Untrusted Data Vulnerability (CVE-2020-2883)
1010275 - Oracle WebLogic Server T3 Protocol Insecure Deserialization Vulnerability (CVE-2020-2963)
Web Server SharePoint
1010277 - Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-1102)
ZeroMQ Message Transport Protocol (ZMTP)
1010267* - SaltStack Salt Directory Traversal Vulnerability (CVE-2020-11652)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.