Rule Update
DPIルール他更新情報:24-020(2024年4月16日)
2024年4月16日
概要
* は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
Arcserve Unified Data Protection
1012012 - Arcserve Unified Data Protection Directory Traversal Vulnerability (CVE-2024-0800)
DCERPCサービス
1002937* - Integer Overflow In IPP Service Vulnerability
1003824* - License Logging Server Heap Overflow Vulnerability
1003015* - Microsoft SMB Credential Reflection Vulnerability
1002931* - Microsoft Windows SMB Buffer Underflow Vulnerability
1008445* - Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)
1000972* - Microsoft Windows svcctl ChangeServiceConfig2A() Memory Corruption Vulnerability
1003564* - Print Spooler Load Library Vulnerability
1003985* - SMB Memory Corruption Vulnerability
1003979* - SMB Null Pointer Vulnerability
1003978* - SMB Pathname Overflow Vulnerability
1002975* - Server Service Vulnerability (wkssvc)
1003676* - Workstation Service Memory Corruption Vulnerability
DCERPCサービス - クライアント
1004053* - Microsoft Windows CHM Notepad Remote Code Execution
1004094* - SMB Client Memory Allocation Vulnerability
1003973* - SMB Client Pool Corruption Vulnerability
1003980* - SMB Client Race Condition Vulnerability
1004096* - SMB Client Response Parsing Vulnerability
1004095* - SMB Client Transaction Vulnerability
1003014* - SMB Credential Reflection Vulnerability
DNSクライアント
1003189* - Malware AGENT.BTZ Domain Blocker
1000468* - Microsoft Word Malformed Object Pointer Remote Code Execution
1003133* - Pointer Reference Memory Corruption Vulnerability Domain Blocker
Telnetクライアント
1003687* - Telnet Credential Reflection Vulnerability
Trend Micro Mobile Security Server
1011957* - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41176)
1011964* - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41177)
1011963* - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41178)
Webアプリケーション 共通
1010344* - ThinkPHP Remote Code Execution Vulnerability (CVE-2019-9082 and CVE-2018-20062)
Webアプリケーション PHP
1012015 - Joomla! CMS Cross-Site Scripting Vulnerability (CVE-2024-21726)
Webアプリケーション Tomcat
1012016 - Bonita Authorization Bypass Vulnerability (CVE-2022-25237)
Webサーバ HTTPS
1011953* - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52327)
1011952* - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52328)
1011951* - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52330)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1008619* - Application - Docker
DPI(Deep Packet Inspection) ルール:
Arcserve Unified Data Protection
1012012 - Arcserve Unified Data Protection Directory Traversal Vulnerability (CVE-2024-0800)
DCERPCサービス
1002937* - Integer Overflow In IPP Service Vulnerability
1003824* - License Logging Server Heap Overflow Vulnerability
1003015* - Microsoft SMB Credential Reflection Vulnerability
1002931* - Microsoft Windows SMB Buffer Underflow Vulnerability
1008445* - Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)
1000972* - Microsoft Windows svcctl ChangeServiceConfig2A() Memory Corruption Vulnerability
1003564* - Print Spooler Load Library Vulnerability
1003985* - SMB Memory Corruption Vulnerability
1003979* - SMB Null Pointer Vulnerability
1003978* - SMB Pathname Overflow Vulnerability
1002975* - Server Service Vulnerability (wkssvc)
1003676* - Workstation Service Memory Corruption Vulnerability
DCERPCサービス - クライアント
1004053* - Microsoft Windows CHM Notepad Remote Code Execution
1004094* - SMB Client Memory Allocation Vulnerability
1003973* - SMB Client Pool Corruption Vulnerability
1003980* - SMB Client Race Condition Vulnerability
1004096* - SMB Client Response Parsing Vulnerability
1004095* - SMB Client Transaction Vulnerability
1003014* - SMB Credential Reflection Vulnerability
DNSクライアント
1003189* - Malware AGENT.BTZ Domain Blocker
1000468* - Microsoft Word Malformed Object Pointer Remote Code Execution
1003133* - Pointer Reference Memory Corruption Vulnerability Domain Blocker
Telnetクライアント
1003687* - Telnet Credential Reflection Vulnerability
Trend Micro Mobile Security Server
1011957* - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41176)
1011964* - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41177)
1011963* - Trend Micro Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41178)
Webアプリケーション 共通
1010344* - ThinkPHP Remote Code Execution Vulnerability (CVE-2019-9082 and CVE-2018-20062)
Webアプリケーション PHP
1012015 - Joomla! CMS Cross-Site Scripting Vulnerability (CVE-2024-21726)
Webアプリケーション Tomcat
1012016 - Bonita Authorization Bypass Vulnerability (CVE-2022-25237)
Webサーバ HTTPS
1011953* - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52327)
1011952* - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52328)
1011951* - Trend Micro Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52330)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1008619* - Application - Docker