Rule Update

22-038 (August 9, 2022)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Microsoft Office
1011506 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0114)
1011507 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0115)
1011508 - Microsoft Excel Memory Corruption Vulnerability (CVE-2008-0116)


MySQL Cluster NDBD
1011502* - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2022-21489)


Web Application Ruby Based
1011509 - Grafana Stored Cross-Site Scripting Vulnerability (CVE-2022-31097)


Web Server Common
1000128* - HTTP Protocol Decoding


Web Server HTTPS
1011505 - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32213)


Web Server Miscellaneous
1011501* - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2022-2230)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1003802* - Directory Server - Microsoft Windows Active Directory
1011453* - Microsoft Windows WMI Events - 1