*** NK8 RELS 3490 Release *** Total number of signatures: 3089 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 13 rule(s): --------------- 1137167 WEB Gila CMS Image Upload Remote Code Execution (CVE-2020-5514) 1137168 FILE Eaton HMiSoft VU3 wTextLen Stack Buffer Overflow (CVE-2020-10639) 1137209 FILE Eaton HMiSoft VU3 wMailToLen Stack Buffer Overflow (CVE-2020-10639) 1137210 WEB Cisco Data Center Network Manager saveZoneInputFileToServer Directory Traversal -1 (CVE-2019-15980) 1137212 WEB Cisco Data Center Network Manager storeFileContentInFS Directory Traversal -1 (CVE-2019-15980) 1137213 FILE Eaton HMiSoft VU3 LinkSize Stack Buffer Overflow (CVE-2020-10639) 1137216 FILE Eaton HMiSoft VU3 wTitleTextLen Stack Buffer Overflow (CVE-2020-10639) 1137218 WEB Comtrend VR-3033 Authenticated Command Injection (CVE-2020-10173) 1137223 WEB Apache Dubbo Remote Code Execution Vulnerability -1.1 (CVE-2020-1948) 1137224 WEB Apache Dubbo Remote Code Execution Vulnerability -1.2 (CVE-2020-1948) 1137225 WEB Apache Dubbo Remote Code Execution Vulnerability -1.3 (CVE-2020-1948) 1137226 WEB Apache Dubbo Remote Code Execution Vulnerability -1.4 (CVE-2020-1948) 1137227 WEB Netgear R6700v3 Unauthenticated LAN Admin Password Reset (CVE-2020-10924) Modified 0 rule(s): --------------- Deleted 12 rule(s): --------------- 1058966 NTP Network Time Protocol Amplification Distributed Denial of Service (CVE-2013-5211) (old rule) 1133231 ICMP BlackNurse Attack (old rule) 1133325 SSL OpenSSL SSL3_AL_WARNING Denial of Service (CVE-2016-8610) (old rule) 1133462 SNMP Simple Network Management Protocol GETBULK Reflection Denial of Service Vulnerability (old rule) 1134071 DNS Dnsmasq Lack of Free Denial of Service -1.1 (CVE-2017-14495) (old rule) 1134206 DNS Dnsmasq Lack of Free Denial of Service -1.2 (CVE-2017-14495) (old rule) 1134360 DNS Dnsmasq Lack of Free Denial of Service -1.3 (CVE-2017-14495) (old rule) 1134913 WEB ManageEngine Applications Manager Remote Code Execution -2 (CVE-2018-7890) (old rule) 1135658 SSH Redis Unauthorized HTTP Activity -1 (old rule) 1135660 SSH Redis Unauthorized HTTP Activity -2 (old rule) 1135661 SSH Redis Unauthorized Reverse Connect (old rule) 1135919 EXPLOIT Redis HyperLogLog hllCount Stack Buffer Overflow (CVE-2019-10193) (old rule)