ruleUpdate
15-029 (08 September 2015)
Publish Date: 08 September 2015
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Application Control For Download Manager
1004902* - Application Control For JDownloader
Database MySQL
1004901* - Identified Suspicious Remote Login To MySQL Server Without Password
1005063* - Restrict MySQL Database Access
Mail Server Common
1000883* - SMTP Header Length Restriction
Microsoft Office
1007039 - Microsoft Graphics Component Buffer Overflow Vulnerability (CVE-2015-2510)
1006939* - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2469)
1007040 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2520)
1007050 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2521)
1007051 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2523)
Novell Configuration Management Preboot Policy Service
1006792* - Novell ZENworks Configuration Management Stack Buffer Overflow Vulnerability
Suspicious Server Application Activity
1004735* - Detected IP Messenger Server Traffic
1001164* - Detected Terminal Services (RDP) Server Traffic
Unix SSH
1000798* - Unix OpenSSH sshd Identical Blocks DoS
Web Application PHP Based
1005465* - Identified Access To WordPress Sensitive Files
1005915* - phpLDAPadmin 'query_engine' Remote PHP Code Injection Vulnerability
1005947* - phpMyAdmin 'setup.php' PHP Code Injection Vulnerability
Web Client Common
1007023 - Adobe Flash Player Cross Domain Information Disclosure Vulnerability (CVE-2015-5116)
1007022 - Adobe Flash Player DefineBitsLossless Memory Corruption Vulnerability (CVE-2015-3093)
1006409* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8460)
1005676* - Identified Download Of XML File With External Entity Reference
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007029 - Microsoft Windows Journal Remote Code Execution Vulnerability (CVE-2015-2513)
1006950* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2462)
1007052 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2506)
1007047 - Windows Media Center Remote Code Execution Vulnerability (CVE-2015-2509)
1006927 - libtiff bmp2tiff Denial Of Service Vulnerability (CVE-2014-9330)
Web Client Internet Explorer
1007041 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-2483)
1006929* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2443)
1006931* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2446)
1007024 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2485)
1007025 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2486)
1007026 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2487)
1007028 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2490)
1007030 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2491)
1007043 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2492)
1007045 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2498)
1007046 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2499)
1007048 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2500)
1007049 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2501)
1007044 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-2493)
Web Server Miscellaneous
1006908* - Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerabilities
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.