Rule Update
DPIルール他更新情報:20-046(2020年9月15日)
2020年9月15日
概要
* は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
Database IBM Informix Dynamic Server
1010458* - IBM Informix Dynamic Server Directory Traversal Vulnerability
ディレクトリサーバ LDAP
1010491* - Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0664)
1010494* - Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0856)
Java RMI
1010501 - Oracle Java SE Remote Security Vulnerability Over RMI (CVE-2017-3241)
Trend Micro Deep Security Manager
1010487* - Trend Micro Vulnerability Protection And Deep Security Manager Authentication Bypass Vulnerabilities (CVE-2020-15601 and CVE-2020-15605)
TrendMicro SPLX Web Console
1010512 - Trend Micro ServerProtect For Linux Command Injection Vulnerability (CVE-2020-24561)
UWSGI Protocol
1010500 - Apache HTTP Server Mod_uwsgi Remote Code Execution Vulnerability (CVE-2020-11984)
Webアプリケーション PHP
1010499 - WordPress 'WP EasyCart Plugin' Shell Upload Vulnerability (CVE-2014-9308)
1010375* - WordPress 10Web Photo Gallery Plugin SQL Injection Vulnerability
Webクライアント 共通
1010510 - Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2020-16856)
1010509 - Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2020-16874)
1010517 - Microsoft Windows Camera Codec Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2020-0997)
1010507 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability (CVE-2020-1129)
1010506 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1039)
1010505 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1074)
Webクライアント Internet Explorer/Edge
1010508 - Microsoft Windows Text Service Module Remote Code Execution Vulnerability (CVE-2020-0908)
Webサーバ Apache
1010496* - Apache Struts2 File Upload Denial of Service Vulnerability (CVE-2019-0233)
Webサーバ 共通
1010513 - Microsoft Exchange Server DlpUtils Remote Code Execution Vulnerability (CVE-2020-16875)
1010204* - Nagios XI schedulereport.php Command Execution Vulnerability (CVE-2019-20197)
Webサーバ HTTPS
1010514 - Nagios XI 'command_test.php' Command Injection Vulnerability
1010492* - rConfig 'configDevice.php' Cross-Site Scripting Vulnerability (CVE-2020-12259)
Webサーバ その他
1010495* - RichFaces Framework Deserialization Vulnerability (CVE-2013-2165)
1010480* - RichFaces Framework Expression Language Injection Vulnerability (CVE-2018-14667)
Windowsサーバ DCERPC
1010519 - Microsoft Windows Netlogon Elevation Of Privilege Vulnerability (CVE-2020-1472)
変更監視(Integrity Monitoring)ルール:
1010515 - Trend Micro ServerProtect For Linux Command Execution Vulnerability (CVE-2020-24561)
セキュリティログ監視(Log Inspection)ルール:
今回のセキュリティアップデートには、新規のセキュリティログ監視ルールおよび更新は含まれておりません。
DPI(Deep Packet Inspection) ルール:
Database IBM Informix Dynamic Server
1010458* - IBM Informix Dynamic Server Directory Traversal Vulnerability
ディレクトリサーバ LDAP
1010491* - Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0664)
1010494* - Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0856)
Java RMI
1010501 - Oracle Java SE Remote Security Vulnerability Over RMI (CVE-2017-3241)
Trend Micro Deep Security Manager
1010487* - Trend Micro Vulnerability Protection And Deep Security Manager Authentication Bypass Vulnerabilities (CVE-2020-15601 and CVE-2020-15605)
TrendMicro SPLX Web Console
1010512 - Trend Micro ServerProtect For Linux Command Injection Vulnerability (CVE-2020-24561)
UWSGI Protocol
1010500 - Apache HTTP Server Mod_uwsgi Remote Code Execution Vulnerability (CVE-2020-11984)
Webアプリケーション PHP
1010499 - WordPress 'WP EasyCart Plugin' Shell Upload Vulnerability (CVE-2014-9308)
1010375* - WordPress 10Web Photo Gallery Plugin SQL Injection Vulnerability
Webクライアント 共通
1010510 - Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2020-16856)
1010509 - Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2020-16874)
1010517 - Microsoft Windows Camera Codec Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2020-0997)
1010507 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability (CVE-2020-1129)
1010506 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1039)
1010505 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1074)
Webクライアント Internet Explorer/Edge
1010508 - Microsoft Windows Text Service Module Remote Code Execution Vulnerability (CVE-2020-0908)
Webサーバ Apache
1010496* - Apache Struts2 File Upload Denial of Service Vulnerability (CVE-2019-0233)
Webサーバ 共通
1010513 - Microsoft Exchange Server DlpUtils Remote Code Execution Vulnerability (CVE-2020-16875)
1010204* - Nagios XI schedulereport.php Command Execution Vulnerability (CVE-2019-20197)
Webサーバ HTTPS
1010514 - Nagios XI 'command_test.php' Command Injection Vulnerability
1010492* - rConfig 'configDevice.php' Cross-Site Scripting Vulnerability (CVE-2020-12259)
Webサーバ その他
1010495* - RichFaces Framework Deserialization Vulnerability (CVE-2013-2165)
1010480* - RichFaces Framework Expression Language Injection Vulnerability (CVE-2018-14667)
Windowsサーバ DCERPC
1010519 - Microsoft Windows Netlogon Elevation Of Privilege Vulnerability (CVE-2020-1472)
変更監視(Integrity Monitoring)ルール:
1010515 - Trend Micro ServerProtect For Linux Command Execution Vulnerability (CVE-2020-24561)
セキュリティログ監視(Log Inspection)ルール:
今回のセキュリティアップデートには、新規のセキュリティログ監視ルールおよび更新は含まれておりません。