*** NK8 RELS 3479 Release *** Total number of signatures: 3128 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 17 rule(s): --------------- 1136721 WEB CentOS Web Panel 0.9.8.763 Cross-Site Scripting (CVE-2019-7646) 1136760 EXPLOIT Memcached try_read_command_binary Stack Buffer Overflow (CVE-2020-10931) 1136840 WEB SQL Injection Attempt -97.1 1136841 WEB SQL Injection Attempt -97.2 1136842 WEB Trend Micro Apex One and OfficeScan Directory Traversal -1 (CVE-2020-8599) 1136843 WEB Cisco Data Center Network Manager persistUserInfo SQL Injection -1.1 (CVE-2019-15984) 1136844 WEB SQL Injection Attempt -98 1136845 WEB SQL Injection Attempt -99 1136846 WEB SQL Injection Attempt -100 1136847 WEB SQL Injection Attempt -101 1136853 WEB Apache ShardingSphere SnakeYAML Insecure Deserialization (CVE-2020-1947) 1136858 WEB Cisco Data Center Network Manager persistUserInfo SQL Injection -1.2 (CVE-2019-15984) 1136859 EXPLOIT Pivotal Spring Framework spring-messaging Module STOMP Remote Code Execution -4 (CVE-2018-1270) 1136860 EXPLOIT Eclipse Mosquitto message broker Denial of Service (CVE-2018-12543) 1136872 WEB Trend Micro Apex One and OfficeScan CVE-2020-8470 Directory Traversal -1.1 1136873 WEB Cisco UCS Director downloadFile Directory Traversal -1.a (CVE-2020-3250) 1136887 WEB Trend Micro Apex One and OfficeScan CVE-2020-8470 Directory Traversal -1.2 Modified 7 rule(s): --------------- 1133159 LDAP Microsoft Windows Domain User Code Execution (CVE-2016-3368) 1134343 WEB SQL Injection Attempt -86 1136712 WEB Microsoft Exchange Server Validation Key Remote Code Execution -1.a (CVE-2020-0688) 1136723 SMB Microsoft Windows SMB Server SMBv3 Buffer Overflow -1 (CVE-2020-0796) 1136761 SMB Microsoft Windows SMB Server SMBv3 Buffer Overflow -2 (CVE-2020-0796) 1136786 FTP uftpd FTP Server PORT Command Handling Stack Buffer Overflow -1.1 (CVE-2020-5204) 1136787 FTP uftpd FTP Server PORT Command Handling Stack Buffer Overflow -1.2 (CVE-2020-5204) Deleted 35 rule(s): --------------- 1131547 WEB-ACTIVEX Panasonic Security API SDK GetInfoString Stack Buffer Overflow -1 (CVE-2015-4647) (old rule) 1131560 WEB Wavelink Emulation License Server HTTP Header Processing Buffer Overflow -1 (CVE-2015-4059) (old rule) 1131568 EXPLOIT EMC AutoStart ftagent Opcode 85 Subcode 33 SQL Injection (CVE-2015-0538) (old rule) 1131574 WEB Symantec Endpoint Protection ConsoleServlet ResetPassword Policy Bypass -2 (CVE-2015-1486) (old rule) 1131575 SSH Sysax Multi Server SSH Component Denial Of Service -1 (old rule) 1131582 WEB Oracle Endeca Information Discovery Integrator ETL Server CopyFile Directory Traversal (CVE-2015-2604) (old rule) 1131583 SMTP IBM Lotus Domino BMP Parsing Integer Overflow - 1.1 (CVE-2015-1902) (old rule) 1131584 SMTP IBM Lotus Domino BMP Parsing Integer Overflow - 1.2 (CVE-2015-1902) (old rule) 1131590 SSH OpenSSH kbdint_next_device Policy Bypass -1 (CVE-2015-5600) (old rule) 1131594 WEB pfSense WebGUI Zone Parameter Cross-Site Scripting -1 (CVE-2015-4029) (old rule) 1131608 SSL OpenSSL X509_cmp_time Denial of Service -1 (CVE-2015-1789) (old rule) 1131635 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability -2 (CVE-2014-8966) (old rule) 1131754 WEB SQL injection attempt -73.a (old rule) 1131755 WEB WordPress MailChimp Subscribe Forms PHP Code Execution -1 (old rule) 1131757 ICS Schneider Electric InduSoft Web Studio Remote Agent Remote Code Execution (CVE-2015-7374) (old rule) 1131806 WEB GE MDS PulseNET Hidden Support Account Remote Code Execution (CVE-2015-6456) (old rule) 1131929 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6087) (old rule) 1131930 WEB-CLIENT Microsoft Internet Explorer Internet Explorer Information Disclosure Vulnerability (CVE-2015-6086) (old rule) 1131937 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6078) (old rule) 1132004 EXPLOIT IBM Tivoli Storage Manager FastBack Serve Opcode 1331 rmdir Command Injection (CVE-2015-1923) (old rule) 1132114 ICS Advantech WebAccess AspVCObj.AspDataDriven ActiveX FileProcess Stack Buffer Overflow -1 (CVE-2014-9208) (old rule) 1132123 EXPLOIT MIT Kerberos 5 build_principal_va Denial of Service -1 (CVE-2015-2697) (old rule) 1132132 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6160) (old rule) 1132136 WEB-CLIENT Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-6157) (old rule) 1132155 EXPLOIT IBM Tivoli Storage Manager FastBack Server Opcode 1329 Buffer Overflow (CVE-2015-1924) (old rule) 1132160 EXPLOIT VMware vCenter Server JMX Remote Code Execution (CVE-2015-2342) (old rule) 1132162 EXPLOIT Jenkins CLI RMI Java Deserialization Vulnerability (CVE-2015-8103) (old rule) 1132188 EXPLOIT IBM Tivoli Storage Manager FastBack Server Opcode 1301 Format String Vulnerability (CVE-2015-1986) (old rule) 1132203 WEB-CLIENT Microsoft .NET Framework CVE-2015-6115 ASLR Security Bypass -3 (CVE-2015-6115) (old rule) 1132204 WEB-CLIENT Microsoft .NET Framework CVE-2015-6115 ASLR Security Bypass -4 (CVE-2015-6115) (old rule) 1132246 WEB Novell GroupWise WebAccess Cross-Site Scripting -1 (CVE-2014-0611) (old rule) 1132280 FILE Adobe Acrobat and Reader Memory Corruption (CVE-2016-0931) (old rule) 1132283 FILE Adobe Acrobat and Reader Security Bypass (CVE-2016-0943) (old rule) 1132290 FILE Microsoft Office Memory Corruption Vulnerability -1 (CVE-2016-0022) (old rule) 1132292 FILE Microsoft Windows msdaora.dll Insecure Library Loading -1 (CVE-2016-0041) (old rule)