21-031 (06 Juli 2021)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Directory Server LDAP
1011008* - OpenLDAP Integer Underflow Vulnerability (CVE-2020-36221)


Oracle E-Business Suite Web Interface
1010999* - Oracle E-Business Suite Denial Of Service Vulnerability (CVE-2021-2189)
1011019 - Oracle E-Business Suite Denial Of Service Vulnerability (CVE-2021-2190)


Port Mapper Windows
1001033* - Windows Port Mapper Decoder


Web Application Common
1005934* - Identified Suspicious Command Injection Attack


Web Application PHP Based
1010982* - WordPress 'wpDiscuz' Plugin Remote Code Execution Vulnerability (CVE-2020-24186)


Web Server Apache
1010997* - Apache Pulsar JSON Web Token Authentication Bypass Vulnerability Over HTTP (CVE-2021-22160)


Web Server HTTPS
1011015* - WordPress 'Poll, Survey, Questionnaire and Voting system' Plugin Blind SQL Injection Vulnerability


Windows SMB Server
1011018* - Identified DCERPC AddPrinterDriverEx Call Over SMB Protocol


Windows Services RPC Server DCERPC
1011016* - Identified DCERPC AddPrinterDriverEx Call Over TCP Protocol


Zoho ManageEngine
1011020 - Zoho ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability
1011012* - Zoho ManageEngine Applications Manager URL Monitor SQL Injection Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.