23-055 (December 12, 2023)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

CentOS Web Panel
1011887* - Control Web Panel Command Injection Remote Code Execution Vulnerability (CVE-2023-42123)


NTP Server Linux
1009492* - NTPsec 'ntpd ctl_getitem' Out Of Bounds Read Vulnerability (CVE-2019-6443)
1009620* - NTPsec ntpd 'write_variables' Denial Of Service Vulnerability (CVE-2019-6445)


SolarWinds Access Rights Manager
1011890* - SolarWinds Access Rights Manager Directory Traversal Vulnerability (CVE-2023-35185)
1011891* - SolarWinds Access Rights Manager Directory Traversal Vulnerability (CVE-2023-35187)


Web Client Common
1011922 - Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2023-44371)


Web Server HTTPS
1011917 - Adobe RoboHelp Server Information Disclosure Vulnerability (CVE-2023-22272)
1011919 - Adobe RoboHelp Server Path Traversal Vulnerability (CVE-2023-22273)
1011916 - Adobe RoboHelp Server SQL Injection Vulnerability (CVE-2023-22275)


Zoho ManageEngine Recovery Manager Plus
1011923 - Zoho ManageEngine Recovery Manager Plus Command Injection Vulnerability (CVE-2023-48646)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1003447* - Web Server - Apache