Rule Update

20-017 (April 7, 2020)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center Dbman
1010213 - HPE Intelligent Management Center 'dbman' RestartDB Command Injection Vulnerability (CVE-2017-5816)

Mail Server Common
1010001* - Dovecot And Pigeonhole Remote Code Execution Vulnerability (CVE-2019-11500)

NTP Server Linux
1008320* - Network Time Protocol Daemon 'peer_xmit' Mode Denial Of Service Vulnerability (CVE-2017-6464)

Solr Service
1010203 - Apache Solr VelocityResponseWriter Remote Code Execution Vulnerability (CVE-2019-17558)

Web Application Common
1010183* - Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)
1010215 - rConfig Network Device Configuration Tool AjaxAddTemplate.php Command Injection Vulnerability (CVE-2020-10221)

Web Server Common
1010162 - Cisco Data Center Network Manager Directory Traversal Vulnerability (CVE-2019-15980)

Web Server Squid
1010177* - Squid Proxy HTTP Request Processing Buffer Overflow Vulnerability (CVE-2020-8450)

Windows Services RPC Server DCERPC
1003766* - Local Security Authority Subsystem Service Integer Overflow Vulnerability

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.