Rule Update

23-046 (October 24, 2023)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Ivanti Avalanche
1011871 - Ivanti Avalanche XML External Entity Processing Vulnerability (CVE-2023-32567)


Port Mapper Windows
1001033* - Windows Port Mapper Decoder


Unix Samba
1011796* - Linux Kernel KSMBD Denial of Service Vulnerability (CVE-2023-32247)


Web Server HTTPS
1011876 - Progress WS_FTP Server Insecure Deserialization Vulnerability (CVE-2023-40044)


Windows Services RPC Server DCERPC
1010539* - Identified NTLM Brute Force Attempt (ZeroLogon) (CVE-2020-1472)
1010519* - Netlogon Elevation Of Privilege Vulnerability (Zerologon) (CVE-2020-1472)


Zoho ManageEngine AssetExplorer_SupportCenter Plus_ADManager Plus
1011879 - Zoho ManageEngine ADManager Plus Directory Traversal Vulnerability (CVE-2023-39912)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.