*** EX RELS 03469 Release *** Total number of signatures: 6009 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 11 rule(s): --------------- 1060128 MEDIA SiriusXM access via SSL -1.1 1136645 WEB HPE Intelligent Management Center ByteMessageResource Insecure Deserialization -1.1 (CVE-2019-11956) 1136647 WEB Nagios XI nocscreenapi.php Cross-Site Scripting -1 (CVE-2019-20139) 1136648 WEB Nagios XI nocscreenapi.php Cross-Site Scripting -2 (CVE-2019-20139) 1136649 WEB OpenEMR New.php Command Injection (CVE-2019-3968) 1136656 WEB WiKID 2FA Enterprise Server GetDomainHash Stored Cross-Site Scripting -1 (CVE-2019-17115) 1136658 EXPLOIT D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi (CVE-2019-20215) 1136659 WEB D-Link DIR-859 Unauthenticated Remote Command Execution (CVE-2019-17621) 1136661 EXPLOIT Apache Log4j SocketServer Untrusted Deserialization (CVE-2019-17571) 1162228 MEDIA SiriusXM access via SSL -1.3 1162231 MEDIA SiriusXM access via SSL -1.4 Modified 14 rule(s): --------------- 1051741 FTP FTP MKD Command Buffer Overflow 1060777 UDP port 9080 traffic (eg. Glrpc) 1060780 TCP port 1972 traffic (eg. InterSystems) 1060781 UDP port 1972 traffic (eg. InterSystems) 1061433 TCP port 5852 traffic (eg. OpenDHT) 1063515 MEDIA SiriusXM access via SSL -1.2 1132280 FILE Adobe Acrobat and Reader Memory Corruption (CVE-2016-0931) 1133231 ICMP BlackNurse Attack 1134652 WEB Drupal Core drupalgeddon3 Authenticated Remote Code Execution -5 (CVE-2018-7602) 1135909 WEB SUNNET WMPro Command Injection Vulnerability (CVE-2019-11062) 1136595 FILE Microsoft Windows CryptoAPI Spoofing Vulnerability -1 (CVE-2020-0601) 1136631 WEB ELOG Project ELOG show_uploader_json NULL Pointer Dereference -2 (CVE-2019-3995) 1136635 SMTP OpenSMTPD smtp_session.c Command Execution -1 (CVE-2020-7247) 1160597 SOCIAL Twitter access via SSL -4 Deleted 2 rule(s): --------------- 1053907 P2P Gnutella-Foxy transfer via UDP-1 (old rule) 1064053 MEDIA YoukuVa communicate via TCP -1 (old rule)