Rule Update

20-054 (October 27, 2020)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Asterisk Manager Interface
1010300* - Identified Asterisk 'Originate' Action With 'Originate' Application System Command Execution

DNS Server
1010577 - ISC BIND TSIG Authentication Bypass Vulnerability (CVE-2017-3143)

Microsoft Office
1010526 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-1594)

Web Application Common
1010543 - GNUBoard 'ajax.autosave.php' SQL Injection Vulnerability (CVE-2014-2339)
1010542 - GNUBoard 'tb.php' SQL Injection Vulnerability (CVE-2011-4066)
1010545 - GNUBoard Local File Inclusion Vulnerability (EDB-ID-7927)
1010546 - GNUBoard Local/Remote File Inclusion Vulnerability (CVE-2009-0290)
1010547 - GNUBoard Remote Code Execution Vulnerability (KVE-2018-0449 and KVE-2018-0441)
1010544 - GNUBoard SQL Injection Vulnerability (EDB-ID-7927)
1010557* - Yaws Web Server Command Injection Vulnerability (CVE-2020-24916)

Web Application PHP Based
1009544* - WordPress Image Remote Code Execution Vulnerability (CVE-2019-8942)

Web Client Common
1010583 - Google Chrome CSP Bypass Vulnerability (CVE-2020-6519)
1010584 - Google Chrome FreeType Font File Buffer Overflow Vulnerability (CVE-2020-15999)
1010574 - Google Chrome Heap Corruption Vulnerability (CVE-2020-6514)
1010576 - Google Chrome Type Confusion Vulnerability (CVE-2020-6468)
1009483* - Linux APT Remote Code Execution Vulnerability (CVE-2019-3462)

Web Server Common
1010578 - MobileIron MDM Remote Code Execution Vulnerability (CVE-2020-15505)
1010560 - Yaws Web Server XML External Entity Injection Vulnerability (CVE-2020-24379)

Web Server Oracle
1010253* - Oracle WebLogic Server T3 Protocol Deserialization Of Untrusted Data Vulnerability (CVE-2020-2883)

Web Server SharePoint
1010573* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2020-16952)

Zoho ManageEngine
1010563 - Zoho ManageEngine Applications Manager Arbitrary File Upload Vulnerability (CVE-2020-14008)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.