20-044 (September 8, 2020)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Apache JServ Protocol
1010361* - Apache Tomcat Local File Inclusion Vulnerability (CVE-2020-1938)


Database IBM Informix Dynamic Server
1010458 - IBM Informix Dynamic Server Directory Traversal Vulnerability


Directory Server LDAP
1010491 - Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0664)
1010494 - Microsoft Windows Active Directory Information Disclosure Vulnerability (CVE-2020-0856)


HP Intelligent Management Center (IMC)
1010481* - Apache OFBiz XML-RPC Request Unsafe Deserialization Vulnerability (CVE-2020-9496)


Oracle SQL Net (TNS) Listener
1010475* - Oracle Database Server XML External Entity Injection Vulnerability (CVE-2014-6577)


Trend Micro Deep Security Manager
1010487 - Trend Micro Vulnerability Protection And Deep Security Manager Authentication Bypass Vulnerabilities (CVE-2020-15601 and CVE-2020-15605)


Web Application Common
1010483* - Dolibarr ERP CRM Remote Code Execution Vulnerability (CVE-2019-11200)
1010484* - Dolibarr ERP CRM Remote Code Execution Vulnerability (CVE-2019-11201)
1010344* - ThinkPHP Remote Code Execution Vulnerability (CVE-2019-9082)


Web Application PHP Based
1010212* - LibreNMS Collectd Command Injection Vulnerability (CVE-2019-10669)


Web Client Common
1010493 - Google Chrome WebGL Use After Free Vulnerability (CVE-2020-6492)
1005676* - Identified Download Of XML File With External Entity Reference


Web Server Apache
1010496 - Apache Struts2 File Upload Denial of Service Vulnerability (CVE-2019-0233)


Web Server Common
1010405* - JAWS Remote Code Execution Vulnerability
1010204 - Nagios XI schedulereport.php Command Execution Vulnerability (CVE-2019-20197)


Web Server HTTPS
1010490* - WordPress 'File Manager' Plugin Remote Code Execution Vulnerability
1010492 - rConfig 'configDevice.php' Cross-Site Scripting Vulnerability (CVE-2020-12259)


Web Server Miscellaneous
1010495 - RichFaces Framework Deserialization Vulnerability (CVE-2013-2165)
1010480 - RichFaces Framework Expression Language Injection Vulnerability (CVE-2018-14667)


Web Server Oracle
1010485* - Oracle WebLogic Server IIOP Protocol Insecure Deserialization Vulnerability (CVE-2020-14644)
1010478* - Oracle WebLogic Server T3 Protocol Insecure Deserialization Vulnerability (CVE-2020-14644)


Zoho ManageEngine
1010337* - Zoho ManageEngine OpManager Directory Traversal Vulnerability (CVE-2020-12116)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.