Rule Update

20-046 (September 15, 2020)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Database IBM Informix Dynamic Server
1010458* - IBM Informix Dynamic Server Directory Traversal Vulnerability


Directory Server LDAP
1010491* - Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0664)
1010494* - Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0856)


Java RMI
1010501 - Oracle Java SE Remote Security Vulnerability Over RMI (CVE-2017-3241)


Trend Micro Deep Security Manager
1010487* - Trend Micro Vulnerability Protection And Deep Security Manager Authentication Bypass Vulnerabilities (CVE-2020-15601 and CVE-2020-15605)


TrendMicro SPLX Web Console
1010512 - Trend Micro ServerProtect For Linux Command Injection Vulnerability (CVE-2020-24561)


UWSGI Protocol
1010500 - Apache HTTP Server Mod_uwsgi Remote Code Execution Vulnerability (CVE-2020-11984)


Web Application PHP Based
1010499 - WordPress 'WP EasyCart Plugin' Shell Upload Vulnerability (CVE-2014-9308)
1010375* - WordPress 10Web Photo Gallery Plugin SQL Injection Vulnerability


Web Client Common
1010510 - Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2020-16856)
1010509 - Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2020-16874)
1010517 - Microsoft Windows Camera Codec Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2020-0997)
1010507 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability (CVE-2020-1129)
1010506 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1039)
1010505 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2020-1074)


Web Client Internet Explorer/Edge
1010508 - Microsoft Windows Text Service Module Remote Code Execution Vulnerability (CVE-2020-0908)


Web Server Apache
1010496* - Apache Struts2 File Upload Denial of Service Vulnerability (CVE-2019-0233)


Web Server Common
1010513 - Microsoft Exchange Server DlpUtils Remote Code Execution Vulnerability (CVE-2020-16875)
1010204* - Nagios XI schedulereport.php Command Execution Vulnerability (CVE-2019-20197)


Web Server HTTPS
1010514 - Nagios XI 'command_test.php' Command Injection Vulnerability
1010492* - rConfig 'configDevice.php' Cross-Site Scripting Vulnerability (CVE-2020-12259)


Web Server Miscellaneous
1010495* - RichFaces Framework Deserialization Vulnerability (CVE-2013-2165)
1010480* - RichFaces Framework Expression Language Injection Vulnerability (CVE-2018-14667)


Windows Server DCERPC
1010519 - Microsoft Windows Netlogon Elevation Of Privilege Vulnerability (CVE-2020-1472)


Integrity Monitoring Rules:

1010515 - Trend Micro ServerProtect For Linux Command Execution Vulnerability (CVE-2020-24561)


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.