Rule Update

20-021 (April 28, 2020)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP System Management Homepage
1010221* - HPE System Management Homepage Remote Denial of Service Vulnerability (CVE-2017-12545)

Jenkins Remoting
1010233 - Jenkins JRMP Java Library Deserialization Remote Code Execution Vulnerability (CVE-2016-0788)

1010237 - Memcached 'try_read_command_binary' Stack Buffer Overflow Vulnerability (CVE-2020-10931)

Redis Server
1010231* - Redis Cron Remote Code Execution Vulnerability

Web Application Common
1010219 - Centreon formMibs.php Command Injection Vulnerability (CVE-2019-15298)
1005933* - Identified Directory Traversal Sequence In Uri Query Parameter
1010225* - Liferay Portal Untrusted Deserialization Vulnerability (CVE-2020-7961)
1010217* - rConfig '' SQL Injection Vulnerability (CVE-2020-10220)

Web Application PHP Based
1010245 - PHP 'ext/snmp/snmp.c' Use After Free Vulnerability (CVE-2016-6295)
1010234 - PHP 'get_headers()' NULL Byte Injection Vulnerability (CVE-2020-7066)

Web Client Common
1010182* - Google Chrome Type Confusion Vulnerability (CVE-2020-6418)
1010244 - Microsoft Remote Desktop Connection Manager Information Disclosure Vulnerability (CVE-2020-0765)
1010224 - Microsoft Windows Media Foundation Remote Code Execution Vulnerability (CVE-2019-1430)

Web Server Miscellaneous
1009942* - GNOME 'libsoup' HTTP Chunked Encoding Remote Code Execution Vulnerability (CVE-2017-2885)

Web Server Oracle
1010223* - Oracle WebLogic Java Messaging Service Unspecified Vulnerability (CVE-2016-0638)

Web Server SharePoint
1010238 - Microsoft Office SharePoint Cross Site Scripting Vulnerability (CVE-2020-0693)
1010227* - Microsoft SharePoint Scorecards Deserialization Of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-0931)
1010228* - Microsoft SharePoint TypeConverter Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-0932)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

1005468* - Web Application - Wordpress

Featured Stories