Rule Update

23-037 (August 29, 2023)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Mail Server Common
1011847 - Identified Img Over SMTP With Base64 Encoding (ATT&CK T1071.003)


Unix Samba
1011797* - Samba Out-Of-Bounds Read Information Disclosure Vulnerability (CVE-2022-32742)


Web Server Adobe ColdFusion
1011819 - Adobe ColdFusion Authentication Bypass Vulnerability (CVE-2023-29301)
1011820 - Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-29298)


Web Server HTTPS
1011788* - SNIProxy Stack Buffer Overflow Vulnerability (CVE-2023-25076)
1011842 - Zabbix Cross-Site Scripting Vulnerability (CVE-2023-29452)


Web Server Miscellaneous
1011844 - Atlassian Jira and Jira Service Desk 'Stagil Navigation Menus and Themes' Plugin Directory Traversal Vulnerability (CVE-2023-26255 and CVE-2023-26256)
1011827* - XWiki Cross-Site Scripting Vulnerability (CVE-2023-32071)


Integrity Monitoring Rules:

1011848 - Linux/Unix - Apache Web Server Root Documents Files Modified (ATT&CK T1189)


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.