售后服务_客户支持_服务与支持_绿盟科技

首页-> 服务与支持-> 客户支持-> 售后服务

服务与支持

网络入侵检测系统(IDS)规则5.6.7升级包列表

名称： eoi.unify.rulepatch.5.6.7.752.rule	版本：5.6.7.752
MD5：2b64c236b63fbfffaca7d7d004d54e36	大小：12.66M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.752。规则新增或更新列表如下: 修改: 10291 Apache HTTP Server畸形Range选项处理远程拒绝服务漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 10291 Apache HTTP Server Range Denial of Service Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-12-28 01:16:19

名称： eoi.unify.rulepatch.5.6.7.751.rule	版本：5.6.7.751
MD5：4e9fc04d12f215d631d48aea75563379	大小：12.66M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.751。规则新增或更新列表如下: 新增：24365 ThinkPHP 5.x远程命令执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24365 ThinkPHP 5.x Remote Command Execution Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-12-20 17:48:43

名称： eoi.unify.rulepatch.5.6.7.750.rule	版本：5.6.7.750
MD5：0d4b288a79d92c976fb719332380da1c	大小：12.66M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.750。规则新增或更新列表如下: 修改: 30131 Microsoft FrontPage fp30reg.dll漏洞扫描探测注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 30131 Microsoft FrontPage fp30reg.dll Vulnerability Detection Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-12-14 08:28:08

名称： eoi.unify.rulepatch.5.6.7.749.rule	版本：5.6.7.749
MD5：5732140c5bd2a0836c85b6eb431612af	大小：12.65M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.749。规则新增或更新列表如下: 修改: 21274 Microsoft Report Viewer 信息泄露漏洞 (CVE-2011-1976) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 21274 Microsoft Report Viewer Information Disclosure Vulnerability (CVE-2011-1976) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-12-06 17:50:52

名称： eoi.unify.rulepatch.5.6.7.748.rule	版本：5.6.7.748
MD5：5f7a6ce035e5aac59ab30cdb5c152945	大小：12.65M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.748。规则新增或更新列表如下: 修改: 20905 WEBinsta FM login.php远程文件包含攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20905 WEBinsta FM login.php Remote File Inclusion Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-11-29 18:51:05

名称： eoi.unify.rulepatch.5.6.7.747.rule	版本：5.6.7.747
MD5：45b05383911e489de601c1ccefafd5c5	大小：12.65M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.747。规则新增或更新列表如下: 新增: 24333 Apache Struts2 Commons FileUpload反序列远程代码执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24333 Apache Struts2 Commons FileUpload Unserialization Remote Code Execution Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-11-20 21:05:41

名称： eoi.unify.rulepatch.5.6.7.746.rule	版本：5.6.7.746
MD5：302cd960f93c8e95b4e7f5931a344d5a	大小：12.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.746。规则新增或更新列表如下: 修改: 41489 后门程序Doublepulsar通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 41489 Backdoor Doublepulsar Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-11-15 18:28:35

名称： eoi.unify.rulepatch.5.6.7.745.rule	版本：5.6.7.745
MD5：286aff7175fd0a136bd2de30586528d6	大小：12.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.745。规则新增或更新列表如下: 修改: 20921 Microsoft DirectX SAMI及WAV/AVI文件解析远程代码执行漏洞(MS07-064) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20921 Microsoft DirectX SAMI and WAV/AVI File Parsing Stack Buffer Overflow Vulnerability(MS07-064) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-11-08 18:04:30

名称： eoi.unify.rulepatch.5.6.7.744.rule	版本：5.6.7.744
MD5：20a4bef7ee513c8c5a03f870ef49e477	大小：12.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.744。规则新增或更新列表如下: 修改: 24292 Zoho ManageEngine Desktop Central 任意文件删除注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 24292 Zoho ManageEngine Desktop Central Arbitrary File Deletion Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-11-01 21:10:23

名称： eoi.unify.rulepatch.5.6.7.743.rule	版本：5.6.7.743
MD5：de73a30bc55cdcd00606b08c5b9a434a	大小：12.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.743。规则新增或更新列表如下: 修改: 10291 Apache HTTP Server畸形Range选项处理远程拒绝服务漏注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 10291 Apache HTTP Server Range Denial of Service Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-10-25 18:12:09

名称： eoi.unify.rulepatch.5.6.7.742.rule	版本：5.6.7.742
MD5：3b229875ffeb9bafebe59829173dbce4	大小：12.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.742。规则新增或更新列表如下: 修改: 30441 Microsoft IIS 5.0 .printer ISAPI扩展映射远程缓冲区溢出攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20380 30441 Microsoft IIS 5.0 .printer ISAPI Extension Mapping Remote Buffer Overflow Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-10-18 19:04:28

名称： eoi.unify.rulepatch.5.6.7.741.rule	版本：5.6.7.741
MD5：379782d4235d68770a317fbd7a571f81	大小：12.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.741。规则新增或更新列表如下: 修改: 20380 Real Networks Helix Universal Server RTSP URI处理远程缓冲区溢出攻击; 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Update: 20380 Real Networks Helix Universal Server RTSP URI handles remote buffer overflow attacks; Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-10-11 18:02:35

名称： eoi.unify.rulepatch.5.6.7.740.rule	版本：5.6.7.740
MD5：850c0c61cf17b839a8f1658403440781	大小：12.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.740。规则新增或更新列表如下: 修改: 20569 Oracle 9i/10g XML组件存储过程缓冲区溢出攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Update: 20569 Oracle 9i/10g XML Component Stored Procedure Buffer Overflow Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-10-04 20:05:10

名称： eoi.unify.rulepatch.5.6.7.739.rule	版本：5.6.7.739
MD5：95a5a09546ced53ad5c657929e1b3d64	大小：12.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.739。规则新增或更新列表如下: 新增: 24263 Apache Hadoop YARN ResourceManager远程命令执行漏洞新增: 24309 Apache ActiveMQ Fileserver文件上传目录遍历漏洞(CVE-2016-3088) 新增: 41618 恶意软件Xbash C2服务器通信新增: 41619 恶意软件Xbash向C2服务器上传扫描结果信息注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: add:24263 Apache Hadoop YARN ResourceManager Remote Command Execution Vulnerability add:24309 Apache ActiveMQ Fileserver File Upload Directory Traversal Vulnerability(CVE-2016-3088) add:41618 Malware Xbash C2 Server Communication add:41619 Malware Xbash uploads scan result information to C2 server Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-09-30 19:08:04

名称： eoi.unify.rulepatch.5.6.7.737.rule	版本：5.6.7.737
MD5：f400f6d826ed65256540befd61e97b38	大小：12.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.737。规则新增或更新列表如下: 修改: 24292 Zoho ManageEngine Desktop Central 任意文件删除注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Update: 24292 Zoho ManageEngine Desktop Central Arbitrary File Deletion Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-09-27 20:43:21

名称： eoi.unify.rulepatch.5.6.7.736.rule	版本：5.6.7.736
MD5：18d16fb7522ffb659d27ff1586238394	大小：12.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.736。规则新增或更新列表如下: 新增: 24304 Trend Micro Control Manager SQL注入漏洞(CVE-2018-3602) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24304 Trend Micro Control Manager SQL Injection Vulnerability (CVE-2018-3602) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-09-20 16:38:57

名称： eoi.unify.rulepatch.5.6.7.735.rule	版本：5.6.7.735
MD5：51e94d1d2da206d415e681102ae3400c	大小：12.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.735。规则新增或更新列表如下: 新增: 21274 Microsoft Report Viewer 信息泄露漏洞 (CVE-2011-1976) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 21274 Microsoft Report Viewer Information Disclosure Vulnerability(CVE-2011-1976) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-09-13 17:04:06

名称： eoi.unify.rulepatch.5.6.7.734.rule	版本：5.6.7.734
MD5：2d5759b0db352895be18536a4b705624	大小：12.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.734。规则新增或更新列表如下: 新增: 24302 可疑XML外部实体(XXE)注入攻击尝试注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24302 Suspicious XML External Entity(XXE) Injection Attempt Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-09-06 17:50:58

名称： eoi.unify.rulepatch.5.6.7.733.rule	版本：5.6.7.733
MD5：35df4f5efa691d4207c1f07c0da4bb6b	大小：12.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.733。规则新增或更新列表如下: 修改: 50066 RLOGIN服务信任用户认证; 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 50066 The RLOGIN service trusts user authentication; Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-08-30 23:03:46

名称： eoi.unify.rulepatch.5.6.7.732.rule	版本：5.6.7.732
MD5：834702e2d4e5da1ed3f444aec8b483c9	大小：12.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.732。规则新增或更新列表如下: 新增: 24298 Struts2远程命令执行漏洞(CVE-2018-11776)(S2-057) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24298 Struts2 Remote Command Execution Vulnerability(CVE-2018-11776)(S2-057) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-08-23 18:30:07

名称： eoi.unify.rulepatch.5.6.7.730.rule	版本：5.6.7.730
MD5：19f994d377ceba03de41596d1c2771a0	大小：12.42M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.730。规则新增或更新列表如下: 新增: 41601 恶意程序Linux/Fbot.Linux.Agent.fy_a网络通信 41602 恶意程序windows/hellbot_a网络通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 41601 Malicious Program Linux/Fbot.Linux.Agent.fy_a Network Communications 41602 Malicious Program windows/hellbot_a Network Communications Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-08-16 22:46:48

名称： eoi.unify.rulepatch.5.6.7.729.rule	版本：5.6.7.729
MD5：7410c189c52f966bd04502967b3535aa	大小：12.33M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.729。规则新增或更新列表如下: 新增: 24289 Zoho ManageEngine ApplicationManager testCredential.do 命令注入(CVE-2018-7890) 修改: 24233 D-Link Router service.cgi 任意代码执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 24289 Zoho ManageEngine ApplicationManager testCredential.do Command Injection(CVE-2018-7890) 24233 D-Link Router service.cgi Arbitrary Code Execution Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-08-09 19:13:26

名称： eoi.unify.rulepatch.5.6.7.727.rule	版本：5.6.7.727
MD5：8a54b4bdcbb10760f2db295947293bb2	大小：12.45M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.727。规则新增或更新列表如下: 修改: 30214 Microsoft IIS .idq ISAPI扩展获取绝对路径攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 30214 Microsoft IIS .idq ISAPI Extension Absolute Path Disclosure Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-08-02 18:09:25

名称： eoi.unify.rulepatch.5.6.7.725.rule	版本：5.6.7.725
MD5：00ee0161ab62400c50c4ed9e3c460ab7	大小：12.45M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.725。规则新增或更新列表如下: 新增: 24284 Cisco Prime Infrastructure和DCNM目录遍历漏洞(CVE-2018-0258) 新增: 24286 WebLogic 任意文件上传远程代码执行漏洞(CVE-2018-2894) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24284 Cisco Prime Infrastructure And DCNM Directory Traversal Vulnerability(CVE-2018-0258) Added: 24286 WebLogic Arbitrary File Upload Remote Code Execution Vulnerability(CVE-2018-2894) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-07-26 18:49:44

名称： eoi.unify.rulepatch.5.6.7.724.rule	版本：5.6.7.724
MD5：7a27d6a64c80868c3173efcbeb6e5ed8	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.724。规则新增或更新列表如下: 修改: 24174 WebLogic WLS 组件远程命令执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 24174 WebLogic WLS Component Remote Command Execution Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-07-19 18:13:55

名称： eoi.unify.rulepatch.5.6.7.723.rule	版本：5.6.7.723
MD5：0ec4d0cd4202e39470dac7dc8294c572	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.723。规则新增或更新列表如下: 修改: 30149 Microsoft Index Server .htw读取文件漏洞扫描探测注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 30149 Microsoft Index Server .htw File Reading Vulnerability Detection Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-07-12 20:10:23

名称： eoi.unify.rulepatch.5.6.7.722.rule	版本：5.6.7.722
MD5：fbc681505af653d368728a2051078c7e	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.722。规则新增或更新列表如下: 修改: 30435 Web服务访问password.txt文件获取数据信息注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 30435 Web Service password.txt Access Data Disclosure Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-07-05 18:22:56

名称： eoi.unify.rulepatch.5.6.7.721.rule	版本：5.6.7.721
MD5：2ed10f902694c8f85d74b62883fe5b26	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.721。规则新增或更新列表如下: 修改: 20904 MyBB calendar.php脚本远程SQL注入攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20904 MyBB calendar.php Script Remote SQL Injection Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-06-28 17:30:19

名称： eoi.unify.rulepatch.5.6.7.720.rule	版本：5.6.7.720
MD5：3358681543c3c19e73e4a9fda593a336	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.720。规则新增或更新列表如下: 修改: 23843 Cisco ASA防火墙SNMP溢出漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23843 Cisco ASA SNMP OID parsing stack buffer overflow Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-06-21 19:04:28

名称： eoi.unify.rulepatch.5.6.7.719.rule	版本：5.6.7.719
MD5：a29d65d2c9478cccc3445d86bb47059a	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.719。规则新增或更新列表如下: 修改: 20905 WEBinsta FM login.php远程文件包含攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20905 WEBinsta FM login.php Remote File Inclusion Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-06-14 19:29:06

名称： eoi.unify.rulepatch.5.6.7.718.rule	版本：5.6.7.718
MD5：8fbe503b6ec15499d35f43ddfadbf4fd	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.718。规则新增或更新列表如下: 修改: 20907 WordPress插件远程文件包含攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20907 WordPress Plugin Remote File Inclusion Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-06-07 18:05:29

名称： eoi.unify.rulepatch.5.6.7.717.rule	版本：5.6.7.717
MD5：c3bc087045ea8a1440904c5a2f60a021	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.717。规则新增或更新列表如下: 修改: 24255 Web服务远程命令执行攻击修改: 10471 TCP畸形报文圣诞树攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 24255 Web Service Remote Command Execution Attack Modified: 10471 Christmas Tree Attack Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-06-01 09:34:58

名称： eoi.unify.rulepatch.5.6.7.716.rule	版本：5.6.7.716
MD5：8ca241ce50032fc1c5841ed0c14c2daa	大小：12.45M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.716。规则新增或更新列表如下: 新增: 49019 挖矿蠕虫WannaMine下载行为修改: 10471 TCP畸形报文圣诞树攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 49019 Miner Worm WannaMine Download Behavior Modified: 10471 Christmas Tree Attack Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-05-24 18:03:19

名称： eoi.unify.rulepatch.5.6.7.715.rule	版本：5.6.7.715
MD5：3f21535573dc2e53579baa53406b9f9f	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.715。规则新增或更新列表如下: 新增: 24255 Web服务远程命令执行攻击新增: 24259 TBK DVR硬盘录像机认证绕过漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24255 Web Service Remote Command Execution Attack Added: 24259 TBK DVR Devices Authentication Bypass Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-05-18 08:38:46

名称： eoi.unify.rulepatch.5.6.7.714.rule	版本：5.6.7.714
MD5：06a2a342b5250d0b73112bf496880540	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.714。规则新增或更新列表如下: 修改: 41523 门罗币挖矿程序网络通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 41523 Monero XMR Mining Programs Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-05-10 19:40:40

名称： eoi.unify.rulepatch.5.6.7.713.rule	版本：5.6.7.713
MD5：be0ee0539a7760899e8e7bf5bdf916d1	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.713。规则新增或更新列表如下: 新增: 24255 Web服务远程命令执行攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24255 Web Service Remote Command Execution Attack Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-05-03 18:25:07

名称： eoi.unify.rulepatch.5.6.7.712.rule	版本：5.6.7.712
MD5：513b13c45c0270942578ca1df4c5f4d9	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.712。规则新增或更新列表如下: 修改: 21460 木马后门程序Backdoor.ASP.Ace ASP Web访问注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 21460 木马后门程序Backdoor.ASP.Ace ASP Web访问 Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-04-26 18:41:06

名称： eoi.unify.rulepatch.5.6.7.711.rule	版本：5.6.7.711
MD5：3731ebd3825377ee607b3d0a6335b0d4	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.711。规则新增或更新列表如下: 新增: 24250 Drupal核心远程代码执行漏洞新增: 50546 Allen Bradley Micrologix 1400 Series B Session泄露风险注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24250 Drupal Core Remote Code Execution Vulnerability Added: 50546 Allen Bradley Micrologix 1400 Series B Session Revelation Risk Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-04-19 17:52:52

名称： eoi.unify.rulepatch.5.6.7.710.rule	版本：5.6.7.710
MD5：be949d095ed5c9817d78418c0c1e3a8f	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.710。规则新增或更新列表如下: 修改: 23614 Oracle Weblogic Server Java反序列化漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23614 Oracle Weblogic Server Java Unserialization Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-04-17 22:56:58

名称： eoi.unify.rulepatch.5.6.7.709.rule	版本：5.6.7.709
MD5：61a7a29d82d80bf2acaaf379745a1e86	大小：12.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.709。规则新增或更新列表如下: 新增: 24246 Cisco IOS and IOS XE Software Smart Install 远程代码执行漏洞新增: 10480 Allen Bradley Micrologix 1400 Series B Ethernet功能拒绝服务漏洞新增: 24245 锐捷网关设备远程命令执行漏洞修改: 41386 TrickBot银行木马通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24246 Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability Added: 10480 Allen Bradley Micrologix 1400 Series B Ethernet Card Malformed Packet Denial of Service Vulnerability Added: 24245 Ruijie Gateway Device Remote Command Execution Vulnerability Modified: 41386 TrickBot Banking Trojan Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-04-12 23:28:36

名称： eoi.unify.rulepatch.5.6.7.708.rule	版本：5.6.7.708
MD5：a31435c5ace72b742d3b76043a534a84	大小：12.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.708。规则新增或更新列表如下: 修改: 41534 网页包含挖矿脚本代码注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 41534 Web Page Contains Mining Script Code Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-04-05 22:03:11

名称： eoi.unify.rulepatch.5.6.7.707.rule	版本：5.6.7.707
MD5：990b42efae313a53bbf5e0393b90112c	大小：12.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.707。规则新增或更新列表如下: 新增: 41542 PHP木马文件phpspy2014上传修改: 23612 Jboss JMX Java反序列化漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41542 PHP Trojan File phpspy2014 Uploading Modified: 23612 Jboss JMX Java Unserialization Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-03-29 18:22:11

名称： eoi.unify.rulepatch.5.6.7.706.rule	版本：5.6.7.706
MD5：9192aa54d9d239aa0c6198ff8172ae21	大小：12.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.706。规则新增或更新列表如下: 修改: 20610 DistCC守护程序远程命令执行攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20610 DistCC Daemon Remote Command Execution Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-03-22 17:11:26

名称： eoi.unify.rulepatch.5.6.7.705.rule	版本：5.6.7.705
MD5：325270eff02fb07f41c396c100023a9d	大小：12.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.705。规则新增或更新列表如下: 修改: 24186 华为HG532路由器远程命令执行漏洞(CVE-2017-17215) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 24186 HUAWEI HG532 Routers Remote Command Execution Vulnerability(CVE-2017-17215) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-03-15 16:34:32

名称： eoi.unify.rulepatch.5.6.7.704.rule	版本：5.6.7.704
MD5：cf54619e1f328cf6b58ca1400083f5f9	大小：12.38M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.704。规则新增或更新列表如下: 新增: 41533 Gafgyt僵尸网络通信行新增: 41534 网页包含挖矿脚本代码修改: 24105 Spring Data REST远程代码执行漏洞(CVE-2017-8046) 修改: 50545 比特币矿机尝试连接矿池服务器注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41533 Botnet Gafgyt Communication Added: 41534 Web Page Contains Mining Script Code Modified: 24105 Spring Data REST Remote Code Execution Vulnerability(CVE-2017-8046) Modified: 50545 Bitcoin Miners Attempt to Connect the Mining Pool Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-03-08 16:57:04

名称： eoi.unify.rulepatch.5.6.7.702.rule	版本：5.6.7.702
MD5：60dfd2cad1ffec499ca6a41c8f80fc72	大小：15.74M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.702。规则新增或更新列表如下: 新增: 24223 NetEx HyperIP 6.1.0 Post-Auth 远程命令执行新增: 24224 CMS Made Simple 2.1.6 远程代码执行漏洞新增: 24225 AsusWRT LAN 未经身份验证的远程代码执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24223 NetEx HyperIP Post-Auth Command Execution Added: 24223 CMS Made Simple 2.1.6 - Remote Code Execution Vulnerability Added: 24223 AsusWRT LAN Unauthenticated Remote Code Execution Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-03-01 18:55:23

名称： eoi.unify.rulepatch.5.6.7.701.rule	版本：5.6.7.701
MD5：72262a446ec99da7d41f304b0a7950bd	大小：15.73M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.701。规则新增或更新列表如下: 修改: 40335 木马后门程序wollf木马建立连接注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 40335 Backdoor/Trojan wollf Connection Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-02-22 18:02:07

名称： eoi.unify.rulepatch.5.6.7.700.rule	版本：5.6.7.700
MD5：60ec7ee728a0aa3b0e8fc86905038a61	大小：15.73M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.700。规则新增或更新列表如下: 修改: 20556 HP OpenView网络节点管理器远程命令执行攻击(CVE-2005-2773) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20556 HP OpenView Network Node Manager Remote Command Execution(CVE-2005-2773) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-02-15 13:28:02

名称： eoi.unify.rulepatch.5.6.7.699.rule	版本：5.6.7.699
MD5：5d7bfa7c0430e888508628c8180ee502	大小：15.74M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.699。规则新增或更新列表如下: 新增: 24209 施耐德派尔高Sarix Pro摄像头session.cgi程序缓冲区溢出漏洞新增: 24210 施耐德派尔高Sarix enhanced摄像头命令执行漏洞新增: 24213 施耐德派尔高Sarix Pro网络摄像头web界面空帐号密码账号漏洞新增: 24217 施耐德派尔高Sarix Pro网络摄像头import.cgi XML实体注入漏洞新增: 24218 施耐德派尔高Sarix Pro网络摄像头set_param程序system.opkg.remove命令执行漏洞新增: 24219 施耐德派尔高Sarix Pro网络摄像头set_param程序network.ieee8021x.delete_certs命令执行漏洞修改: 23896 Memcached Append/Prepend操作整数溢出漏洞(CVE-2016-8704) 修改: 23897 Memcached Update整数溢出漏洞(CVE-2016-8705) 修改: 23898 Memcached SASL认证整数溢出漏洞(CVE-2016-8706) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24209 Schneider Pelco Sarix Pro camera session.cgi program buffer overflow vulnerability Added: 24210 Schneider Pelco Sarix enhanced Camera Command Execution Vulnerability Added: 24213 Schneider Pelco Sarix Pro webcam's web management interface has an empty username and password account Added: 24217 Schneider Pelco Sarix Pro Webcam import.cgi XML Entity Injection Vulnerability Added: 24218 Schneider Pelco Sarix Pro webcam set_param program system.opkg.remove Command Execution Vulnerability Added: 24219 Schneider Pelco Sarix Pro webcam set_param program network.ieee8021x.delete_certs Command Execution Vulnerability Modified: 23896 Memcached Append/Prepend Operations Integer Overflow Vulnerability(CVE-2016-8704) Modified: 23897 Memcached Update Integer Overflow Vulnerability(CVE-2016-8705) Modified: 23898 Memcached SASL Authentication Integer Overflow Vulnerability(CVE-2016-8706) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-02-08 18:15:24

名称： eoi.unify.rulepatch.5.6.7.698.rule	版本：5.6.7.698
MD5：2a1de449d819e86ba2008cc003e1bc0e	大小：15.72M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.698。规则新增或更新列表如下: 修改: 41523 门罗币挖矿程序网络通信修改: 50545 比特币矿机尝试连接矿池服务器注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 41523 Monero XMR Mining Programs Communication Modified: 50545 Bitcoin Miners Attempt to Connect the Mining Pool Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-02-02 09:20:49

名称： eoi.unify.rulepatch.5.6.7.697.rule	版本：5.6.7.697
MD5：b4e1beaee8691ccdaf363fca700b1ec4	大小：13.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.697。规则新增或更新列表如下: 新增: 49017 恶意软件RubyMiner挖矿程序连接服务器新增: 24200 Microsoft Internet Explorer/Edge脚本引擎远程内存破坏漏洞(CVE-2018-0762) 新增: 10471 TCP畸形报文圣诞树攻击修改: 41523 门罗币挖矿程序网络通信修改: 10274 Smurf拒绝服务攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 49017 Malware RubyMiner Connect to Server Added: 24200 Microsoft Internet Explorer/Edge Script Engine Memory Corruption Vulnerability(CVE-2018-0762) Added: 10471 Christmas Tree Attack Modified: 41523 Monero XMR Mining Programs Communication Modified: 10274 Smurf denial of service Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-01-25 16:22:11

名称： eoi.unify.rulepatch.5.6.7.696.rule	版本：5.6.7.696
MD5：f4410298c62bfe8e51cc79f3de40ad4c	大小：13.38M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.696。规则新增或更新列表如下: 新增: 24200 Microsoft Internet Explorer/Edge脚本引擎远程内存破坏漏洞(CVE-2018-0762) 新增: 10471 TCP畸形报文圣诞树攻击新增: 24198 Microsoft Edge Scripting Engine内存破坏漏洞(CVE-2018-0776) 新增: 24199 Microsoft Edge Scripting Engine Remote内存破坏漏洞(CVE-2018-0773) 新增: 24197 Microsoft Edge Scripting Engine内存破坏漏洞(CVE-2018-0758) 新增: 24196 Microsoft Edge类型混淆漏洞(CVE-2018-0775) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24200 Microsoft Internet Explorer/Edge Script Engine Memory Corruption Vulnerability(CVE-2018-0762) Added: 10471 Christmas Tree Attack Added: 24198 Microsoft Edge Scripting Engine Memory Corruption Vulnerability(CVE-2018-0776) Added: 24199 Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability(CVE-2018-0773) Added: 24197 Microsoft Edge Scripting Engine Memory Corruption Vulnerability(CVE-2018-0758) Added: 24196 Microsoft Edge type confusion vulnerability(CVE-2018-0775) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-01-18 18:06:27

名称： eoi.unify.rulepatch.5.6.7.695.rule	版本：5.6.7.695
MD5：e204cd581dada3c3a7dfd017078f6614	大小：13.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.695。规则新增或更新列表如下: 新增: 24195 浏览器CPU Spectre 漏洞(CVE-2017-5753 and CVE-2017-5715) 新增: 41525 IoT蠕虫DarkCat传播修改: 24174 WebLogic WLS 组件远程命令执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24195 Browser CPU Spectre vulnerability(CVE-2017-5753 and CVE-2017-5715) Added: 41525 IoT Worm DarkCat Spreading Modified: 24174 WebLogic WLS Component Remote Command Execution Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-01-11 13:46:27

名称： eoi.unify.rulepatch.5.6.7.693.rule	版本：5.6.7.693
MD5：ba397347aa9a54f2afb543c2362bf934	大小：13.38M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.693。规则新增或更新列表如下: 新增: 24186 华为HG532路由器远程命令执行漏洞(CVE-2017-17215) 新增: 24187 vBulletin routestring Unauthenticated远程代码执行漏洞新增: 24189 Realtek rtl81xx SDK远程代码执行漏洞(CVE-2014-8361) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24186 HUAWEI HG532 Routers Remote Command Execution Vulnerability(CVE-2017-17215) Added: 24187 vBulletin routestring Unauthenticated Remote Code Execution Vulnerability Added: 24189 Realtek rtl81xx SDK Remote Code Execution Vulnerability(CVE-2014-8361) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2018-01-04 16:50:22

名称： eoi.unify.rulepatch.5.6.7.692.rule	版本：5.6.7.692
MD5：d33a8c6b2c6ce2e3e2b276132c8d4ff6	大小：13.31M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.692。规则新增或更新列表如下: 新增: 24163 GoAhead httpd LD_PRELOAD 远程代码执行漏洞修改: 41523 门罗币挖矿程序网络通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24163 GoAhead httpd LD_PRELOAD Remote Code Execution Vulnerability Modified: 41523 Monero XMR Mining Programs Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-12-28 16:11:20

名称： eoi.unify.rulepatch.5.6.7.690.rule	版本：5.6.7.690
MD5：b1e90feffb9df4d315c97e079e303122	大小：13.32M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.690。规则新增或更新列表如下: 新增: 24174 WebLogic WLS 组件远程命令执行漏洞新增: 41523 门罗币挖矿程序网络通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24174 WebLogic WLS Component Remote Command Execution Vulnerability Added: 41523 Monero XMR Mining Programs Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-12-22 19:55:09

名称： eoi.unify.rulepatch.5.6.7.689.rule	版本：5.6.7.689
MD5：cb0362153966dcc0f62bcb8792d194f5	大小：13.41M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.689。规则新增或更新列表如下: 修改: 40023 木马后门程序DeepThroat木马通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 40023 Backdoor/Trojan DeepThroat Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-12-21 18:05:07

名称： eoi.unify.rulepatch.5.6.7.688.rule	版本：5.6.7.688
MD5：cc47eafd183bc30bdc7560d8bb509cf2	大小：13.40M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.688。规则新增或更新列表如下: 新增: 24163 GoAhead httpd LD_PRELOAD 远程代码执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24163 GoAhead httpd LD_PRELOAD Remote Code Execution Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-12-19 20:18:45

名称： eoi.unify.rulepatch.5.6.7.687.rule	版本：5.6.7.687
MD5：2e4caf34b0dbd7b7c21454784bfa8fc4	大小：13.16M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.687。规则新增或更新列表如下: 新增: 41523 门罗币挖矿程序网络通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41523 Monero XMR Mining Programs Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-12-14 17:24:39

名称： eoi.unify.rulepatch.5.6.7.686.rule	版本：5.6.7.686
MD5：6c6b536cb840f6790d1b947fb3c1a6f8	大小：13.16M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.686。规则新增或更新列表如下: 新增：24146 JbossAS反序列化远程命令执行漏洞(CVE-2017-12149) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24146 JbossAS Serialized Object Remote Code Execution Vulnerability(CVE-2017-12149) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-12-07 17:36:23

名称： eoi.unify.rulepatch.5.6.7.685.rule	版本：5.6.7.685
MD5：e66c971429e093e653a63d194bb16714	大小：13.15M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.685。规则新增或更新列表如下: 修改: 41498 暗云木马通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 41498 Dark clouds Trojan Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-12-01 10:20:31

名称： eoi.unify.rulepatch.5.6.7.684.rule	版本：5.6.7.684
MD5：496d51cad76b64bd5b35f39b467a8b8a	大小：13.15M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.684。规则新增或更新列表如下: 新增: 24123 西门子SICAM RTUs SM-2556 COM 模块跨站脚本执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24123 Siemens SICAM RTUs SM-2556 COM Modules XSS Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-11-23 18:06:00

名称： eoi.unify.rulepatch.5.6.7.683.rule	版本：5.6.7.683
MD5：408339ae3bc28b787b9cacae570568fa	大小：13.14M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.683。规则新增或更新列表如下: 修改: 10190 CA BrightStor ARCserve Backup caloggerd.exe远程拒绝服务攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 10190 CA BrightStor ARCserve Backup caloggerd.exe Remote Denial of Service Attack Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-11-16 18:52:22

名称： eoi.unify.rulepatch.5.6.7.682.rule	版本：5.6.7.682
MD5：468049adb0306656990ac92368bf22a4	大小：13.14M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.682。规则新增或更新列表如下: 新增: 24119 FasterXML Jackson-databind反序列化代码执行漏洞(CVE-2017-15095) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24119 FasterXML Jackson-databind Deserialization Remote Code Execution Vulnerability(CVE-2017-15095) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-11-09 16:41:06

名称： eoi.unify.rulepatch.5.6.7.681.rule	版本：5.6.7.681
MD5：712e75fe8358ded551c7298f661137b2	大小：13.13M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.681。规则新增或更新列表如下: 新增: 50545 比特币矿机尝试连接矿池服务器注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 50545 Bitcoin Miners Attempt to Connect the Mining Pool Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-11-02 16:44:12

名称： eoi.unify.rulepatch.5.6.7.680.rule	版本：5.6.7.680
MD5：8101ffe0d84e3a7b6253f014e1b69434	大小：13.14M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.680。规则新增或更新列表如下: 新增: 41521 DownLoader:Win32/flexible恶意程序通信新增: 41522 Spyware:Win32/flexible恶意程序通信修改: 24109 Apache Solr/Lucene信息泄露及远程代码执行漏洞(CVE-2017-12629) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41521 DownLoader:Win32/flexible Communication Added: 41522 Spyware:Win32/flexible Communication Modified: 24109 Apache Solr/Lucene Information Disclosure and Remote Code Execution Vulnerabilities(CVE-2017-12629) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-10-26 18:29:28

名称： eoi.unify.rulepatch.5.6.7.679.rule	版本：5.6.7.679
MD5：3e9b168ae1d478ade99e6e64af7cc6d3	大小：13.14M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.679。规则新增或更新列表如下: 新增: 24109 Apache Solr/Lucene信息泄露及远程代码执行漏洞(CVE-2017-12629) 新增: 41520 恶意程序Downloader:Win32/Carbanak-20171016-2C0CFDC5B5653CB3E8B0F8EEEF55FC32网络通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24109 Apache Solr/Lucene Information Disclosure and Remote Code Execution Vulnerabilities(CVE-2017-12629) Added: 41520 Malicious File Downloader:Win32/Carbanak-20171016-2C0CFDC5B5653CB3E8B0F8EEEF55FC32 Network Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-10-19 17:53:09

名称： eoi.unify.rulepatch.5.6.7.678.rule	版本：5.6.7.678
MD5：d1f8afac2e18728ca46f317dc2984d9b	大小：13.14M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.678。规则新增或更新列表如下: 新增: 24106 Apache Tomcat远程代码执行漏洞（CVE-2017-12617）注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24106 Apache Tomcat remote Code Execution Vulnerability（CVE-2017-12617） Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-10-12 18:42:04

名称： eoi.unify.rulepatch.5.6.7.677.rule	版本：5.6.7.677
MD5：8ed5be648ea2bdc8af78f9910b8fdc42	大小：13.14M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.677。规则新增或更新列表如下: 新增: 30700 Microsoft Windows XXE 信息泄露漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 30700 Microsoft Windows XXE Information Disclosure Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-10-05 23:04:19

名称： eoi.unify.rulepatch.5.6.7.676.rule	版本：5.6.7.676
MD5：73942491257f1b1405fcb5a22eabdb92	大小：13.14M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.676。规则新增或更新列表如下: 新增: 24105 Spring Data REST远程代码执行漏洞(CVE-2017-8046) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24105 Spring Data REST Remote Code Execution Vulnerability(CVE-2017-8046) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-09-29 19:02:03

名称： eoi.unify.rulepatch.5.6.7.675.rule	版本：5.6.7.675
MD5：6495dffa82dc779c15231df61d9be86f	大小：11.89M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.675。规则新增或更新列表如下: 修改: 23579 Elasticsearch 目录遍历漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23579 Elasticsearch Path Traversal Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-09-28 16:42:29

名称： eoi.unify.rulepatch.5.6.7.674.rule	版本：5.6.7.674
MD5：29574c4623ff9e2e0eb448fb259499a4	大小：11.90M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.674。规则新增或更新列表如下: 新增: 41507 konni木马链接新增: 24101 Apache Tomcat 远程代码执行漏洞（CVE-2017-12615）注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41507 konni trojan connect Added: 24101 Apache Tomcat Remote Code Execution Vulnerability（CVE-2017-12615） Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-09-21 10:21:30

名称： eoi.unify.rulepatch.5.6.7.672.rule	版本：5.6.7.672
MD5：97b3cddf718af1c792a6cad5cb2910df	大小：11.89M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.672。规则新增或更新列表如下: 修改: 24098 Apache Struts2 REST插件远程代码执行漏洞(S2-052) 修改: 41503 NetSarang XShell/Xmanager/Xftp nssock2.dll后门程序通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 24098 Apache Struts2 REST Plugin Remote Code Execution Vulnerability(S2-052) Modified: 41503 NetSarang XShell/Xmanager/Xftp nssock2.dll Backdoor Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-09-14 16:44:20

名称： eoi.unify.rulepatch.5.6.7.671.rule	版本：5.6.7.671
MD5：7a2cdcce9d8ea710e9c5d6b49c1e2021	大小：11.89M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.671。规则新增或更新列表如下: 新增: 24098 Apache Struts2 REST插件远程代码执行漏洞(S2-052) 修改: 41503 NetSarang XShell/Xmanager/Xftp nssock2.dll后门程序通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24098 Apache Struts2 REST Plugin Remote Code Execution Vulnerability(S2-052) Modified: 41503 NetSarang XShell/Xmanager/Xftp nssock2.dll Backdoor Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-09-06 18:20:44

名称： eoi.unify.rulepatch.5.6.7.669.rule	版本：5.6.7.669
MD5：ccf353a289f63f0c1f65fc8fb2b50ab8	大小：11.88M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.669。规则新增或更新列表如下: 修改: 10190 CA BrightStor ARCserve Backup caloggerd.exe远程拒绝服务攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 10190 CA BrightStor ARCserve Backup caloggerd.exe Remote Denial of Service Attack Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-08-31 16:27:37

名称： eoi.unify.rulepatch.5.6.7.668.rule	版本：5.6.7.668
MD5：9506efa2f7a0b669526e8313450b0495	大小：11.83M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.668。规则新增或更新列表如下: 新增: 41503 Microsoft Edge NetSarang XShell/Xmanager/Xftp nssock2.dll后门程序通信修改: 41388 Mirai僵尸连接服务器注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41503 NetSarang XShell/Xmanager/Xftp nssock2.dll Backdoor Communication Modified: 41388 Mirai Botnet Connecting to the Server Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-08-24 17:05:21

名称： eoi.unify.rulepatch.5.6.7.667.rule	版本：5.6.7.667
MD5：579df10813ed67fb5df1f71de9dea80c	大小：11.83M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.667。规则新增或更新列表如下: 修改: 41388 Mirai僵尸连接服务器注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 41388 Mirai Botnet Connecting to the Server Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-08-17 22:03:55

名称： eoi.unify.rulepatch.5.6.7.666.rule	版本：5.6.7.666
MD5：b150dad8b8a189657c01714ff36994bc	大小：11.83M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.666。规则新增或更新列表如下: 新增: 41503 NetSarang XShell/Xmanager/Xftp nssock2.dll后门程序通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41503 NetSarang XShell/Xmanager/Xftp nssock2.dll Backdoor Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-08-14 19:08:36

名称： eoi.unify.rulepatch.5.6.7.664.rule	版本：5.6.7.664
MD5：68f543449df8b89aef88df488a6ba141	大小：11.83M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.664。规则新增或更新列表如下: 修改: 23994 Windows SMB远程代码执行漏洞(Shadow Brokers EternalBlue) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23994 Windows SMB Remote Code Execution Vulnerability(Shadow Brokers EternalBlue) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-08-10 17:23:26

名称： eoi.unify.rulepatch.5.6.7.663.rule	版本：5.6.7.663
MD5：ec160033595885740fa389567306940c	大小：11.83M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.663。规则新增或更新列表如下: 修改: 23993 Microsoft Office OLE功能远程代码执行漏洞(CVE-2017-0199) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23993 Microsoft Office OLE Feature Remote Code Execution Vulnerability(CVE-2017-0199) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-08-03 17:31:11

名称： eoi.unify.rulepatch.5.6.7.662.rule	版本：5.6.7.662
MD5：b1e3f31a4583dd5c77764277dc76d4ed	大小：11.82M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.662。规则新增或更新列表如下: 新增: 24082 Microsoft Windows OLE远程代码执行漏洞(CVE-2017-8487)(Englishmansdentis) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24082 Microsoft Windows OLE Remote Code Execution Vulnerability(CVE-2017-8487)(Englishmansdentis) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-07-27 16:45:24

名称： eoi.unify.rulepatch.5.6.7.661.rule	版本：5.6.7.661
MD5：d128561f81999f7530b819f05de41884	大小：11.82M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.661。规则新增或更新列表如下: 新增: 24078 Microsoft Edge 远程内存破坏漏洞(CVE-2017-8605) 新增: 24079 Microsoft Edge 远程代码执行漏洞（CVE-2017-8619）新增: 24080 Microsoft Edge 远程代码执行漏洞(CVE-2017-8617) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24078 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2017-8605) Added: 24079 Microsoft Edge Remote Code Execution Vulnerability(CVE-2017-8619) Added: 41496 Microsoft Edge Remote Code Execution Vulnerability(CVE-2017-8617) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-07-20 17:25:26

名称： eoi.unify.rulepatch.5.6.7.660.rule	版本：5.6.7.660
MD5：a6474bc6da02e62ce8b99bb2d56395a7	大小：11.82M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.660。该升级包新增/改进的规则有: 新增：24073 HP Enterprise Operations Orchestration远程代码执行漏洞修改：10453 Apache HTTP Server mod_http2 空指针间接引用漏洞(CVE-2017-7659) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 24073 HP Enterprise Operations Orchestration Remote Code Execution Vulnerability Modified: 10453 Apache HTTP Server mod_http2 Null Pointer Dereference Vulnerability(CVE-2017-7659) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-07-14 11:22:50

名称： eoi.unify.rulepatch.5.6.7.659.rule	版本：5.6.7.659
MD5：f165a91ab0708e1660c17a0bb9431155	大小：11.82M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.659。该升级包新增/改进的规则有: 新增：10453 Apache HTTP Server mod_http2 空指针间接引用漏洞(CVE-2017-7659) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:10453 Apache HTTP Server mod_http2 Null Pointer Dereference Vulnerability(CVE-2017-7659) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-07-08 00:11:51

名称： eoi.unify.rulepatch.5.6.7.657.rule	版本：5.6.7.657
MD5：af83f76e1006bb636b54a837d68e2c5e	大小：11.82M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.657。规则新增或更新列表如下: 新增: 10451 PHP Exception toString反序列化拒绝服务攻击漏洞新增: 24064 VegaDNS axfr_get.php命令注入漏洞修改: 23614 Oracle Weblogic Server Java反序列化漏洞修改: 23993 Microsoft Office OLE功能远程代码执行漏洞(CVE-2017-0199) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 10451 PHP exception toString Unserialization Denial of Service Added: 24064 VegaDNS axfr_get.php Command Injection Vulnerability Modified: 23614 Oracle Weblogic Server Java Unserialization Vulnerability Modified: 23993 Microsoft Office OLE Feature Remote Code Execution Vulnerability(CVE-2017-0199) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-07-06 17:19:07

名称： eoi.unify.rulepatch.5.6.7.656.rule	版本：5.6.7.656
MD5：f782504f5506e5ce30fd1ff462d3b867	大小：11.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.656。规则新增或更新列表如下: 新增: 24059 Microsoft Windows LNK远程代码执行漏洞(CVE-2017-8464) 新增: 24060 Microsoft Edge远程内存破坏漏洞(CVE-2017-8496) 新增: 24061 Microsoft Edge远程内存破坏漏洞(CVE-2017-8497) 新增: 24062 Microsoft Internet Explorer/Edge远程内存破坏漏洞(CVE-2017-8524) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24059 Microsoft Windows LNK Remote Code Execution Vulnerability(CVE-2017-8464) Added: 24060 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2017-8496) Added: 24061 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2017-8497) Added: 24062 Microsoft Internet Explorer/Edge Remote Memory Corruption Vulnerability(CVE-2017-8524) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-06-29 17:38:06

名称： eoi.unify.rulepatch.5.6.7.655.rule	版本：5.6.7.655
MD5：1fe747c415f84fc337685461716008c3	大小：11.71M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.655。规则新增或更新列表如下: 修改: 23005 POP3S 服务暴力猜测用户口令注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23005 POP3S Service User Password Brute Forcce
发布时间：2017-06-22 17:23:43

名称： eoi.unify.rulepatch.5.6.7.654.rule	版本：5.6.7.654
MD5：d94f3bfedf3e87b29286593529c12fe4	大小：11.70M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.654。规则新增或更新列表如下: 新增: 41498 暗云木马通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41498 Dark clouds Trojan Communication
发布时间：2017-06-15 18:28:47

名称： eoi.unify.rulepatch.5.6.7.652.rule	版本：5.6.7.652
MD5：5182444281b63159bf06a66d1561b50f	大小：11.70M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.652。规则新增或更新列表如下: 新增: 24007 Windows 远程桌面代码执行漏洞(Shadow Broker ESTEEMAUDIT) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24007 Windows RDP Code Execution Vulnerability(Shadow Broker ESTEEMAUDIT) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-06-08 18:06:09

名称： eoi.unify.rulepatch.5.6.7.651.rule	版本：5.6.7.651
MD5：d13d500547aa10635d30dd85f3e32d4d	大小：11.70M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.649。规则新增或更新列表如下: 修改: 41496 Blackmoon银行木马通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 41496 Blackmoon Banking Trojan Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-06-01 16:38:56

名称： eoi.unify.rulepatch.5.6.7.650.rule	版本：5.6.7.650
MD5：9d192cab87476c816445ff7745b7b4fc	大小：11.70M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.650。规则新增或更新列表如下: 新增: 24005 Samba远程代码执行漏洞(CVE-2017-7494) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 24005 Samba Remote Code Execution Vulnerability(CVE-2017-7494) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-05-27 18:32:29

名称： eoi.unify.rulepatch.5.6.7.649.rule	版本：5.6.7.649
MD5：351b3bf067a6efc1580f069a5b9e53aa	大小：11.69M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.649。规则新增或更新列表如下: 新增: 41496 Blackmoon银行木马通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41496 Blackmoon Banking Trojan Communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-05-25 15:32:48

名称： eoi.unify.rulepatch.5.6.7.648.rule	版本：5.6.7.648
MD5：a3c0385bbae34afdc17fd6af9365e89a	大小：11.69M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.648。规则新增或更新列表如下: 新增: 23999 Microsoft Edge远程内存破坏漏洞(CVE-2017-0236) 新增: 24000 Microsoft Edge远程内存破坏漏洞(CVE-2017-0240) 修改: 40379 DDOS工具TFN主控端向分布端发送指令注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23999 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2017-0236) Added: 24000 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2017-0240) Modified: 40379 DDOS Tool TFN Console Sending Command to Distributed End Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-05-18 18:35:31

名称： eoi.unify.rulepatch.5.6.7.647.rule	版本：5.6.7.647
MD5：ebed615f084ab5efb562d3120e0abca5	大小：11.73M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.647。规则新增或更新列表如下: 新增: 41490 artemis僵尸网络肉鸡上线新增: 41491 UUgangT僵尸网络肉鸡上线新增: 41494 WinHelp32僵尸网络肉鸡上线新增: 41495 9527win僵尸网络肉鸡上线注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41490 Zombies of Botnet artemis Connect to the Server Added: 41491 Zombies of Botnet UUgangT Connect to the Server Added: 41494 Zombies of Botnet WinHelp32 Connect to the Server Added: 41495 Zombies of Botnet 9527win Connect to the Server Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-05-11 17:09:36

名称： eoi.unify.rulepatch.5.6.7.646.rule	版本：5.6.7.646
MD5：50118ab7f4a297f6a0f9ad361e89ed68	大小：11.73M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.646。规则新增或更新列表如下: 新增: 23998 WordPress远程命令执行漏洞(PHPMailer) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23998 WordPress Remote Code Execution Vulnerability(PHPMailer) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-05-04 17:45:02

名称： eoi.unify.rulepatch.5.6.7.644.rule	版本：5.6.7.644
MD5：c20edf8d3c9ca2eefde80f2c769c2be0	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.644。规则新增或更新列表如下: 新增: 23997 Jackson-Databind框架json反序列化代码执行漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23997 Jackson-Databind framework json deserialization code execution vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-04-27 16:49:51

名称： eoi.unify.rulepatch.5.6.7.643.rule	版本：5.6.7.643
MD5：0801e70da5ce6a1c14fb65f49f349d7d	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.643。规则新增或更新列表如下: 新增: 41489 后门程序Doublepulsar通信新增: 23993 Microsoft Office OLE功能远程代码执行漏洞(CVE-2017-0199) 修改: 41388 Mirai僵尸连接服务器注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41489 Backdoor Doublepulsar Communication Added: 23993 Microsoft Office OLE Feature Remote Code Execution Vulnerability(CVE-2017-0199) Modified: 41388 Mirai Botnet Connecting to the Server Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-04-20 17:28:42

名称： eoi.unify.rulepatch.5.6.7.642.rule	版本：5.6.7.642
MD5：3988a18f90ca68ee14c65a3a63f1b8f6	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.642。规则新增或更新列表如下: 新增: 23994 Windows SMB远程代码执行漏洞(Shadow Brokers EternalBlue) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23994 Windows SMB Remote Code Execution Vulnerability(Shadow Brokers EternalBlue) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-04-15 23:28:15

名称： eoi.unify.rulepatch.5.6.7.640.rule	版本：5.6.7.640
MD5：08703fb02fe365c5b426bfe3c210c2ee	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.640。规则新增或更新列表如下: 新增: 41488 felismus木马恶意通信新增: 30695 施耐德Modicon TM221CE16R固件1.3.3.3远程密码信息泄露漏洞注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41488 Trojan felismus malicious communication Added: 30695 Schneider Modicon TM221CE16R firmware 1.3.3.3 Password Information Disclosure Vulnerability Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-04-13 16:09:45

名称： eoi.unify.rulepatch.5.6.7.639.rule	版本：5.6.7.639
MD5：3164034dad3714f711e4159b5aba7c2d	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.639。规则新增或更新列表如下: 新增: 41487 Shamoon2木马恶意通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41487 Trojan Shamoon2 malicious communication Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-04-06 17:36:29

名称： eoi.unify.rulepatch.5.6.7.638.rule	版本：5.6.7.638
MD5：ccce02aa1d0775ddf2f94037105f966c	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.638。规则新增或更新列表如下: 新增: 23992 IIS 6.0远程代码执行漏洞(CVE-2017-7269) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23992 IIS 6.0Remote Code Execution Vulnerability(CVE-2017-7269) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-03-28 17:21:50

名称： eoi.unify.rulepatch.5.6.7.635.rule	版本：5.6.7.635
MD5：dee2d0de47b218c097d63d48b49a12ae	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.635。规则新增或更新列表如下: 新增: 23991 Fastjson远程代码执行漏洞修改: 23986 Struts2远程命令执行漏洞(s2-045)(s2-046)(CVE-2017-5638) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23991 Fastjson Remote Code Execution Vulnerability Modified: 23986 Struts2 Remote Command Execution Vulnerability(s2-045)(s2-046)(CVE-2017-5638) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-03-21 15:48:56

名称： eoi.unify.rulepatch.5.6.7.633.rule	版本：5.6.7.633
MD5：46e4db6b89c31c1729198a8a1b0608d6	大小：11.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.633。规则新增或更新列表如下: 新增: 41484 大华监控设备非授权访问漏洞修改: 23986 Struts2远程命令执行漏洞(s2-045)(CVE-2017-5638) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41484 Dahua DVR/NVR/IP Camera Unauthorized Access Vulnerability Modified: 23986 Struts2 Remote Command Execution Vulnerability(s2-045)(CVE-2017-5638) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-03-16 18:14:33

名称： eoi.unify.rulepatch.5.6.7.631.rule	版本：5.6.7.631
MD5：49a907f93b62d8d484144cbe4c6251a0	大小：11.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.631。规则新增或更新列表如下: 修改: 23986 Struts2远程命令执行漏洞(s2-045)(CVE-2017-5638) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23986 Struts2 Remote Command Execution Vulnerability(s2-045)(CVE-2017-5638) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-03-09 16:29:10

名称： eoi.unify.rulepatch.5.6.7.630.rule	版本：5.6.7.630
MD5：0b0f335d1ab6b6beca6495ef21e2fa9e	大小：11.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.630。规则新增或更新列表如下: 修改: 23986 Struts2远程命令执行漏洞(s2-045)(CVE-2017-5638) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23986 Struts2 Remote Command Execution Vulnerability(s2-045)(CVE-2017-5638) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-03-08 10:19:04

名称： eoi.unify.rulepatch.5.6.7.629.rule	版本：5.6.7.629
MD5：bf43870dc44c03211bd3d5bd5b6d8b3d	大小：11.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.629。规则新增或更新列表如下: 新增: 23986 Struts2远程命令执行漏洞(s2-045)(CVE-2017-5638) 新增: 41478 Baidu下载器被捆绑恶意代码注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23986 Struts2 Remote Command Execution Vulnerability(s2-045)(CVE-2017-5638) Added: 41478 Baidu downloader is bundled with malicious code Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-03-07 18:08:04

名称： eoi.unify.rulepatch.5.6.7.627.rule	版本：5.6.7.627
MD5：eecfd73acf4c72e0da2d9cdb10aed627	大小：11.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.627。规则新增或更新列表如下: 修改: 10132 Microsoft IIS WebDAV超长请求远程拒绝服务攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modify: 10132 Microsoft IIS WebDAV Over-long Request Remote Denial of Service Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-03-02 18:23:58

名称： eoi.unify.rulepatch.5.6.7.626.rule	版本：5.6.7.626
MD5：e6a1fa9ae02e24b0eb5acb648835cfa0	大小：11.08M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.626。规则新增或更新列表如下: 新增: 23980 大华摄像头远程密码信息泄露漏洞修改: 41388 Mirai僵尸连接服务器注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23980 DAHUA Camera Password Information Disclosure Vulnerability Modified: 41388 Mirai Botnet Connecting to the Server Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-02-23 17:08:39

名称： eoi.unify.rulepatch.5.6.7.625.rule	版本：5.6.7.625
MD5：619c264f3e0dc37bc142dade8c4424d4	大小：11.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.625。规则新增或更新列表如下: 修改: 23833 phpMyAdmin远程代码执行漏洞(CVE-2016-5734) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23833 phpMyAdmin Remote Code Execution Vulnerability(CVE-2016-5734) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-02-16 16:21:13

名称： eoi.unify.rulepatch.5.6.7.624.rule	版本：5.6.7.624
MD5：82e0d5971c0f5375b48d3f11ada5de07	大小：11.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.624。规则新增或更新列表如下: 修改: 10135 Microsoft Windows畸形IGMPv3报文远程拒绝服务攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modify: 10135 Microsoft Windows Malformed IGMPv3 Message Remote Denial of Service Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-02-09 18:04:45

名称： eoi.unify.rulepatch.5.6.7.623.rule	版本：5.6.7.623
MD5：29dab45ec69558cc9428471d614ace90	大小：11.08M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.623。规则新增或更新列表如下: 修改: 23833 phpMyAdmin远程代码执行漏洞(CVE-2016-5734) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23833 phpMyAdmin Remote Code Execution Vulnerability(CVE-2016-5734) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-02-02 14:55:43

名称： eoi.unify.rulepatch.5.6.7.622.rule	版本：5.6.7.622
MD5：ce1ea3c55e93c64a2a12653c3094b79c	大小：11.08M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.622。规则新增或更新列表如下: 新增: 23976 Adobe Flash Player 堆缓冲区溢出漏洞(CVE-2017-2933)(APSB17-02) 新增: 23977 Adobe Flash Player 堆缓冲区溢出漏洞(CVE-2017-2934)(APSB17-02) 新增: 23978 Adobe Flash Player 堆缓冲区溢出漏洞(CVE-2017-2935)(APSB17-02) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23976 Adobe Flash Player Heap Overflow Vulnerability(CVE-2017-2933)(APSB17-02) Added: 23977 Adobe Flash Player Heap Overflow Vulnerability(CVE-2017-2934)(APSB17-02) Added: 23978 Adobe Flash Player Heap Buffer Overflow Vulnerability(CVE-2017-2935)(APSB17-02) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-01-26 16:56:02

名称： eoi.unify.rulepatch.5.6.7.621.rule	版本：5.6.7.621
MD5：2c8d1dd56ab4dc1289665efc7f359878	大小：11.08M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.621。规则新增或更新列表如下: 修改: 40379 DDOS工具TFN主控端向分布端发送指令修改: 40375 DDOS工具Shaft分布端和主控端通信注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modify: 40379 DDOS Tool TFN Console Sending Command to Distributed End Modify: 40375 Communication Between DDOS Shaft Distributed End and Console Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-01-19 13:16:39

名称： eoi.unify.rulepatch.5.6.7.620.rule	版本：5.6.7.620
MD5：236bd13d0830f339c5ff564226d2663c	大小：11.08M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.620。规则新增或更新列表如下: 修改: 23971 HTTP请求X-Forwarded-For字段注入攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modify: 23971 HTTP Request X-Forwarded-For Field Injection Attack Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-01-12 15:24:57

名称： eoi.unify.rulepatch.5.6.7.619.rule	版本：5.6.7.619
MD5：7693a505cc67374136fae86c173f9fe6	大小：11.08M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.619。规则新增或更新列表如下: 修改: 10255 Microsoft IIS FTP服务拒绝服务攻击注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modify: 10255 Microsoft IIS FTP Service Denial of Service Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2017-01-05 18:52:29

名称： eoi.unify.rulepatch.5.6.7.618.rule	版本：5.6.7.618
MD5：6f0329d2f9d70bb83b16a4ea2f3ef80f	大小：11.08M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.618。规则新增或更新列表如下: 新增：23970 NETGEAR Management System NMS300任意文件上传漏洞新增：23963 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2016-7283)(MS16-144) 新增：23964 Microsoft Edge远程信息泄露漏洞(CVE-2016-7206)(MS16-145) 新增：23965 Microsoft Edge远程内存破坏漏洞(CVE-2016-7286)(MS16-145) 新增：23966 Microsoft Edge远程内存破坏漏洞(CVE-2016-7288)(MS16-145) 新增：23967 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2016-7287)(MS16-144) 注意事项： 1.该升级包升级后需手动重启引擎，会造成网络瞬断，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23970 NETGEAR Management System NMS300 Arbitrary File Upload Vulnerability Added: 23963 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2016-7283)(MS16-144) Added: 23964 Microsoft Edge Information Disclosure Vulnerability(CVE-2016-7206)(MS16-145) Added: 23965 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2016-7286)(MS16-145) Added: 23966 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2016-7288)(MS16-145) Added: 23967 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2016-7287)(MS16-144) Notes: 1.The engine must be restarted manually after the upgrade package is imported, and this will cause a momentary network interruption, please choose an appropriate time to upgrade.
发布时间：2016-12-29 15:16:14

名称： eoi.unify.rulepatch.5.6.7.617.rule	版本：5.6.7.617
MD5：35b32204086e1a91c90489aa825cadef	大小：11.11M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.617。该升级包新增/改进的规则有: 新增：23956 Windows 图形远程代码执行漏洞(CVE-2016-7272) 新增：23957 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2016-7202) (MS16-144) 新增：23960 Microsoft Edge远程内存破坏漏洞(CVE-2016-7297)(MS16-145) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23956 Microsoft Windows Graphics Component Remote Code Execution Vulnerability(CVE-2016-7272) Added: 23957 Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability(CVE-2016-7202) (MS16-144) Added: 23960 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2016-7297)(MS16-145) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate",please update on a suitable time.
发布时间：2016-12-22 15:34:28

名称： eoi.unify.rulepatch.5.6.7.616.rule	版本：5.6.7.616
MD5：b352a1cc7de2e6cf052f5ae35cb3267b	大小：11.07M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.616。该升级包新增/改进的规则有: 修改：23787 Magento 2.0.6反序列化远程代码执行漏洞(CVE-2016-4010) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23787 Magento 2.0.6 Unserialize Remote Code Execution Vulnerability(CVE-2016-4010) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate",please update on a suitable time.
发布时间：2016-12-15 14:52:31

名称： eoi.unify.rulepatch.5.6.7.615.rule	版本：5.6.7.615
MD5：b9c61342b023a089ca66f67d2a84f86e	大小：11.07M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.615。该升级包新增/改进的规则有: 修改：21623 Unreal IRCd 3.2.8.1后门远程访问注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 21623 Unreal IRCd 3.2.8.1 Backdoor Remote Access Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate",please update on a suitable time.
发布时间：2016-12-08 17:59:30

名称： eoi.unify.rulepatch.5.6.7.614.rule	版本：5.6.7.614
MD5：d5e7d81938605d80baf66e6511df1ca3	大小：11.07M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.614。该升级包新增/改进的规则有: 新增：23930 Firefox/Tor Browser SVG 代码执行漏洞(CVE-2016-9079) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23930 Firefox/Tor Browser SVG Code execution vulnerability(CVE-2016-9079) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate",please update on a suitable time.
发布时间：2016-12-02 21:46:01

名称： eoi.unify.rulepatch.5.6.7.613.rule	版本：5.6.7.613
MD5：31c03093f96c1d8cf659ebdb71c08752	大小：11.07M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.613。该升级包新增/改进的规则有: 新增：41471 Crane木马通信新增：10441 NTP拒绝服务漏洞(CVE-2016-9312) 修改：41386 TrickBot银行木马通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41471 Trojan.Crane Communication Added: 10441 NTP Denial of Service Vulnerability(CVE-2016-9312) Modified: 41386 TrickBot Banking Trojan Communication Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate",please update on a suitable time.
发布时间：2016-12-01 16:36:15

名称： eoi.unify.rulepatch.5.6.7.612.rule	版本：5.6.7.612
MD5：183d708f213a56aad6c85cae6614e3c4	大小：11.07M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.612。该升级包新增/改进的规则有: 新增：23908 Edge浏览器Chakra引擎prototype_concat类型混乱漏洞(CVE-2016-7242) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23908 Edge_Chakra__array_prototype_concat_Type_Confusion Vulnerability(CVE-2016-7242) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate",please update on a suitable time.
发布时间：2016-11-24 16:29:48

名称： eoi.unify.rulepatch.5.6.7.611.rule	版本：5.6.7.611
MD5：5091b1cb414095fb45a510adc5339d6d	大小：11.07M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111及以上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.611。该升级包新增/改进的规则有: 新增：23901 Microsoft Internet Explorer和Edge远程内存破坏漏洞(CVE-2016-7196)(MS16-142) 新增：23903 Microsoft Edge远程内存破坏漏洞(CVE-2016-7200)(MS16-129) 新增：23904 Microsoft Edge远程内存破坏漏洞(CVE-2016-7201)(MS16-129) 新增：23905 Microsoft Edge远程内存破坏漏洞(CVE-2016-7203)(MS16-129) 新增：23906 Edge浏览器ntdll_LdrpValidateUserCallTarget栈变量未初始化漏洞(CVE-2016-7198) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23901 Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability(CVE-2016-7196)(MS16-142) Added: 23903 Microsoft Edge Scripting Engine Memory Corruption Vulnerability(CVE-2016-7200)(MS16-129) Added: 23904 Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability(CVE-2016-7201)(MS16-129) Added: 23905 Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability(CVE-2016-7203)(MS16-129) Added: 23906 Edge_ntdll_LdrpValidateUserCallTarget_Uninitialize_Stack_Variable Vulnerability(CVE-2016-7198) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate",please update on a suitable time.
发布时间：2016-11-17 16:16:01

名称： eoi.unify.rulepatch.5.6.7.610.rule	版本：5.6.7.610
MD5：a2ae1bdff0d488e1fea0467612981ba0	大小：11.06M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.610。该升级包新增/改进的规则有: 修改：20920 IMAP服务器SEARCH命令超长参数远程缓冲区溢出攻击注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 20920 IMAP Server SEARCH Command Over-Long Parameter Remote Buffer Overflow Attack Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-11-10 15:34:54

名称： eoi.unify.rulepatch.5.6.7.609.rule	版本：5.6.7.609
MD5：b1af71b02bb45c1baba03ef7dea40472	大小：11.07M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.111上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.609。该升级包新增/改进的规则有: 新增：41388 Mirai僵尸连接服务器新增：41389 红黑远控受控端与服务器通信新增：41387 远程控制工具hav-rat通信新增：41386 TrickBot银行木马通信新增：41376 1937CN远程控制工具通信新增：41384 僵尸网络程序bluebot客户端连接服务器新增：41383 远程控制工具PcShare通信修改：30034 Traceroute UDP探测网络拓扑操作注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.111.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41388 Mirai Botnet Connecting to the Server Added: 41389 Remote Control Tool RedBlack Clients Connecting to Server Added: 41387 Remote Control Tool hav-rat Communication Added: 41386 TrickBot Banking Trojan Communication Added: 41376 1937CN Remote Control Tool Communication Added: 41384 Botnet bluebot Client Connecting to Server Added: 41383 Remote Control Tool PcShare Communication Modified: 30034 Traceroute UDP Network Topology Detection Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-11-03 18:17:33

名称： eoi.unify.rulepatch.5.6.7.608.rule	版本：5.6.7.608
MD5：dea9468e002ee9a41d3445a6fa20c9fd	大小：11.07M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.110上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.608。该升级包新增/改进的规则有: 新增: 23896 Memcached Append/Prepend操作整数溢出漏洞(CVE-2016-8704) 新增: 23897 Memcached Update整数溢出漏洞(CVE-2016-8705) 新增: 23898 Memcached SASL认证整数溢出漏洞(CVE-2016-8706) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.110.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23896 Memcached Append/Prepend Operations Integer Overflow Vulnerability(CVE-2016-8704) Added: 23897 Memcached Update Integer Overflow Vulnerability(CVE-2016-8705) Added: 23898 Memcached SASL Authentication Integer Overflow Vulnerability(CVE-2016-8706) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-11-02 21:21:19

名称： eoi.unify.rulepatch.5.6.7.606.rule	版本：5.6.7.606
MD5：3edb9b5c162274f24c245267108f1f8f	大小：10.78M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.110上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.606。该升级包新增/改进的规则有: 新增：23883 Adobe Reader DC XFA maxChars 释放后重利用漏洞(CVE-2016-6946) 新增：23884 Adobe Flash Player远程代码执行漏洞(CVE-2016-6981)(apsb16-32)(MS16-127) 新增：23885 Adobe Flash Player内存破坏漏洞(CVE-2016-6986)(apsb16-32)(MS16-127) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.110.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23883 Adobe Reader DC XFA maxChars Use-After-Free Remote Code Execution Vulnerability(CVE-2016-6946) Added: 23884 Adobe Flash Player Remote Code Execution Vulnerability(CVE-2016-6981)(apsb16-32)(MS16-127) Added: 23885 Adobe Flash SWF Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability(CVE-2016-6986)(apsb16-32)(MS16-127) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-10-27 15:25:08

名称： eoi.unify.rulepatch.5.6.7.605.rule	版本：5.6.7.605
MD5：d12a7356d377a5496e727f4782eacaaf	大小：10.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.110上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.605。该升级包新增/改进的规则有: 新增：10439 OpenSSH KEXINIT请求内存耗尽漏洞(CVE-2016-8858) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.110.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 10439 OpenSSH KEXINIT Request Memory exhaustion Vulnerability(CVE-2016-8858) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-10-20 21:13:51

名称： eoi.unify.rulepatch.5.6.7.604.rule	版本：5.6.7.604
MD5：0c0e16fc791f5608b0471225d3940de5	大小：10.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.110上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.604。该升级包新增/改进的规则有: 新增：23875 IE vb脚本 VbsStrComp类型混乱漏洞(CVE-2016-3385) 新增：23874 Microsoft Edge Scripting Engine远程代码执行漏洞(CVE-2016-7189) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.110.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23875 IE_vbscript_VbsStrComp_Type_Confusion Vulnerability(CVE-2016-3385) Added: 23874 Microsoft Edge Scripting Engine Remote Code Execution Vulnerability(CVE-2016-7189) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-10-20 15:07:19

名称： eoi.unify.rulepatch.5.6.7.603.rule	版本：5.6.7.603
MD5：c7543e3fd8262887fe62f0b6d9c895a2	大小：10.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.110上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.603。该升级包新增/改进的规则有: 新增: 10438 ISC BIND buffer.c拒绝服务漏洞(CVE-2016-2776) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.110.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 10438 ISC BIND buffer.c Denial of Service Vulnerability(CVE-2016-2776) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-10-14 21:36:47

名称： eoi.unify.rulepatch.5.6.7.602.rule	版本：5.6.7.602
MD5：809a2d6c10e71074b88f080081f1b4b8	大小：10.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.110上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.602。该升级包新增/改进的规则有: 修改: 10291 Apache HTTP Server畸形Range选项处理远程拒绝服务漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.110.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modify: 10291 Apache HTTP Server Range Denial of Service Vulnerability Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-10-13 15:20:17

名称： eoi.unify.rulepatch.5.6.7.601.rule	版本：5.6.7.601
MD5：69ab16399679aecb0425a03d37c78c66	大小：10.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.110上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.601。该升级包新增/改进的规则有: 新增：23859 齐博CMS splitword.php后门注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.110.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23859 qiboCMS splitword.php webshell Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-10-06 11:49:20

名称： eoi.unify.rulepatch.5.6.7.600.rule	版本：5.6.7.600
MD5：d7a3b4f4829fb496427f7eff7c403b17	大小：10.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.110上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.600。该升级包新增/改进的规则有: 新增：23860 MuJS JavaScript解释器越界读取漏洞新增：41381 恶意勒索软件传输新增：23858 Microsoft Edge Remote内存破坏漏洞(CVE-2016-3377) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.110.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23860 MuJS JavaScript Interpreter Out-of-Bound Read Vulnerability Added: 41381 Malicious Ransomware Transmission Added: 23858 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2016-3377) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-09-29 16:30:26

名称： eoi.unify.rulepatch.5.6.7.599.rule	版本：5.6.7.599
MD5：9a895eaec8aea14e1ceb94b04c2c26c1	大小：10.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.599。该升级包新增/改进的规则有: 新增：23853 Microsoft Edge Remote内存破坏漏洞(CVE-2016-3294) 新增：23854 Microsoft Internet Explorer and Edge Remote内存破坏漏洞(CVE-2016-3295) 新增：23855 Microsoft VBScript Remote内存破坏漏洞(CVE-2016-3375) 新增：23857 Microsoft Internet Explorer/Edge内存破坏漏洞(CVE-2016-3297)(MS16-104) 新增：23851 SugarCRM REST Unserialize PHP代码执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23853 Microsoft Edge Remote Memory Corruption Vulnerability(CVE-2016-3294) Added: 23854 Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability(CVE-2016-3295) Added: 23855 Microsoft VBScript Remote Memory Corruption Vulnerability(CVE-2016-3375) Added: 23857 Microsoft Internet Explorer/Edge Memory Corruption Vulnerability(CVE-2016-3297)(MS16-104) Added: 23851 SugarCRM REST Unserialize PHP Code Execution Vulnerability Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-09-22 16:09:52

名称： eoi.unify.rulepatch.5.6.7.598.rule	版本：5.6.7.598
MD5：114be29480218efa5a23d096a55da2de	大小：10.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.598。该升级包新增/改进的规则有: 新增：23852 Mysql远程Root代码执行漏洞(CVE-2016-6662) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23852 Mysql Remote Root Code Execution Vulnerability(CVE-2016-6662) Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-09-13 21:46:09

名称： eoi.unify.rulepatch.5.6.7.597.rule	版本：5.6.7.597
MD5：c780001f9e6d07e6661c9044c9cc7acd	大小：10.78M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.597。该升级包新增/改进的规则有: 修改: 30214 Microsoft IIS .idq ISAPI扩展获取绝对路径攻击注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 30214 Microsoft IIS .idq ISAPI Extension Absolute Path Disclosure Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-09-08 15:57:51

名称： eoi.unify.rulepatch.5.6.7.596.rule	版本：5.6.7.596
MD5：4fb320ae3486753235216e535319ba37	大小：10.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.596。该升级包新增/改进的规则有: 新增：41375 鬼影DDoS工具受控端上线通信新增：23846 天融信防火墙cookie字段溢出漏洞新增：23850 SugarCRM PHP代码执行漏洞新增：23849 IRC通讯木马后门程序PHP木马新增：23845 天融信防火墙maincgi.cgi参数命令执行漏洞新增：23847 天融信防火墙cookie cid参数命令注入漏洞新增：23844 天融信Topsec防火墙管理端口溢出漏洞新增：23843 Cisco ASA防火墙SNMP溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 41375 Guiying DDoS Tools Client Lauch Communication Added: 23846 Topsec Firewall Cookie Buffer Overflow Vulnerability Added: 23850 SugarCRM PHP Code Injection Vulnerability Added: 23849 Trojan/Backdoor IRC PHP trojan Added: 23845 Topsec Firewall maincgi.cgi Command Execution Vulnerability Added: 23847 Topsec Firewall cookie cid Command Injection Vulnerability Added: 23844 Topsec Firewall Manage Port Buffer Overflow Vulnerability Added: 23843 Cisco ASA SNMP OID parsing stack buffer overflow Vulnerability Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-09-01 17:13:26

名称： eoi.unify.rulepatch.5.6.7.595.rule	版本：5.6.7.595
MD5：4f8eb2e990fda924b9bf39b40815da4f	大小：10.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.595。该升级包新增/改进的规则有: 修改：23828 Drupal RESTWS Module 7.x PHP远程代码执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Modified: 23828 Drupal RESTWS Module 7.x Remote PHP Code Execution Vulnerability Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-08-25 15:49:36

名称： eoi.unify.rulepatch.5.6.7.594.rule	版本：5.6.7.594
MD5：7706f8b3bec5913276e538b3b07a4a50	大小：10.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.594。该升级包新增/改进的规则有: 新增：23842 Zabbix SQL注入漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23842 Zabbix SQL Injection Vulnerability Announcements: 1. After update the package, the engine will restart automatically, this will don't interrupt sessions, but will cause 3-5 packets loss on ping opereate", please update on a suitable time.
发布时间：2016-08-18 19:49:54

名称： eoi.unify.rulepatch.5.6.7.593.rule	版本：5.6.7.593
MD5：6d14e3d2b5c841de38fdaf4aef85314a	大小：10.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.593。该升级包新增/改进的规则有: 新增：23835 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-3288)(MS16-095) 新增：23836 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-3290)(MS16-095) 新增：23837 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-3322)(MS16-095)(MS16-096) 新增：23838 Microsoft Edge内存破坏漏洞(CVE-2016-3289)(MS16-096) 新增：23839 Microsoft Edge内存破坏漏洞(CVE-2016-3293)(MS16-096) 新增：23840 Microsoft Internet Explorer/Edge信息泄露漏洞(CVE-2016-3327)(MS16-095)(MS16-096) 新增：30685 Microsoft Internet Explorer本地文件名信息泄露漏洞(CVE-2016-3321)(MS16-095) 新增：41368 iSpySoft变种间谍软件窃取用户信息新增：41370 木马后门程序流萤firefly反向连接新增：41372 木马后门程序XOR.DDoS连接控制服务器新增：41373 远程控制木马大灰狼连接C&C服务器新增：41374 疑似IRC botnet通信修改：21125 Microsoft Word RTF文件解析栈溢出漏洞修改：22796 Apache Struts远程代码执行漏洞 (CVE-2013-2251) 修改：41310 Bill Gates僵尸网络通讯修改：41328 DNS回应包长度异常修改：41339 Locky 勒索软件恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23835 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2016-3288)(MS16-095) Added: 23836 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2016-3290)(MS16-095) Added: 23837 Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability(CVE-2016-3322)(MS16-095)(MS16-096) Added: 23838 Microsoft Edge Memory Corruption Vulnerability(CVE-2016-3289)(MS16-096) Added: 23839 Microsoft Edge Memory Corruption Vulnerability(CVE-2016-3293)(MS16-096) Added: 23840 Microsoft Internet Explorer and Edge Information Disclosure Vulnerability(CVE-2016-3327)(MS16-095)(MS16-096) Added: 30685 Microsoft Internet Explorer Local File Name Information Disclosure Vulnerability(CVE-2016-3321)(MS16-095) Added: 41368 iSpySoft Variant Spyware Stealing User Information Added: 41370 Trojan firefly Reverse connection Added: 41372 Trojan.XOR.DDos Connecting the C&C Server Added: 41373 Remote Control Trojan Dahuilang Connecting the C&C Server Added: 41374 Suspicious IRC Botnet Communication Modified: 21125 Microsoft Word RTF File Parsing Stack Buffer Overflow Vulnerability Modified: 22796 Apache Struts Remote Code Execution(CVE-2013-2251) Modified: 41310 Bill Gates BotNet Communication Modified: 41328 DNS Response Packet Overlong Modified: 41339 Locky ransomeware malicious communication
发布时间：2016-08-18 16:13:17

名称： eoi.unify.rulepatch.5.6.7.592.rule	版本：5.6.7.592
MD5：bec322c5df13f961ad8cd7823b2a967c	大小：10.74M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.592。该升级包新增/改进的规则有: 新增：23834 IPS Community Suite PHP远程代码执行漏洞(CVE-2016-6174) 新增：23833 phpMyAdmin远程代码执行漏洞(CVE-2016-5734) 新增：41367 JavaScript脚本木马下载器下载行为修改：23816 Ruby on Rails ActionPack Inline ERB代码执行漏洞(CVE-2016-2098) NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 23834 IPS Community Suite PHP Code Injection Vulnerability(CVE-2016-6174) Added: 23833 phpMyAdmin Remote Code Execution Vulnerability(CVE-2016-5734) Added: 41367 Trojan-Downloader.JS Downloading Modified: 23816 Ruby on Rails ActionPack Inline ERB Code Execution Vulnerability(CVE-2016-2098)
发布时间：2016-08-11 16:18:29

名称： eoi.unify.rulepatch.5.6.7.591.rule	版本：5.6.7.591
MD5：7d34e308ea7a115b8bd81c0774a76331	大小：10.72M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.591。该升级包新增/改进的规则有: 新增：23831 微软浏览器欺骗漏洞(CVE-2016-3274)(MS16-084/85) 新增：23830 Centreon Web Useralias命令执行漏洞新增：23829 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-3242)(MS16-084) 新增：23828 Drupal RESTWS Module 7.x PHP远程代码执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23831 Microsoft Internet Explorer/Edge Spoofing Vulnerability(CVE-2016-3274)(MS16-084/85) Added: 23830 Centreon Web Useralias Command Execution Vulnerability Added: 23829 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2016 -3242)(MS16-084) Added: 23828 Drupal RESTWS Module 7.x Remote PHP Code Execution Vulnerability
发布时间：2016-08-04 16:45:58

名称： eoi.unify.rulepatch.5.6.7.590.rule	版本：5.6.7.590
MD5：7e6962fec1386c6162a1d3ef2957ce8e	大小：10.72M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.590。该升级包新增/改进的规则有: 新增：41365 可疑僵尸网络通信新增：23825 Microsoft Internet Explorer信息泄露漏洞(CVE-2016-3261)(MS16-084) 新增：23822 微软浏览器内存破坏漏洞(CVE-2016-3259)(MS16-084/85) 新增：23823 微软浏览器脚本引擎信息泄露漏洞(CVE-2016-3271)(MS16-085) 新增：23824 微软浏览器信息泄露漏洞(CVE-2016-3277)(MS16-084/85) 新增：23821 Microsoft Edge 安全功能绕过漏洞(CVE-2016-3244)(MS16-085) 新增：23820 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-3241)(MS16-084) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41365 Suspicious Botnet Communication Added: 23825 Microsoft Internet Explorer Information Disclosure Vulnerability(CVE-2016-3261)(MS16-084) Added: 23822 Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability(CVE-2016-3259)(MS16-084/85) Added: 23823 Microsoft Edge Scripting Engine Information Disclosure Vulnerability(CVE-2016-3271)(MS16-085) Added: 23824 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability(CVE-2016-3277)(MS16-084/85) Added: 23821 Microsoft Edge ASLR Security Bypass Vulnerability(CVE-2016-3244)(MS16-085) Added: 23820 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2016-3241)(MS16-084)
发布时间：2016-07-28 14:23:17

名称： eoi.unify.rulepatch.5.6.7.589.rule	版本：5.6.7.589
MD5：bd91dd44f71db1b880b66b8fdb7eb42a	大小：10.72M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.589。该升级包新增/改进的规则有: 修改: 20358 Samba服务器call_trans2open远程缓冲区溢出攻击注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 20358 Samba Server call_trans2open Remote Buffer Overflow
发布时间：2016-07-21 16:33:13

名称： eoi.unify.rulepatch.5.6.7.588.rule	版本：5.6.7.588
MD5：ef32ced9d31e6dca8b26df03b8f52bf1	大小：10.72M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.588。该升级包新增/改进的规则有: 新增：23816 Ruby on Rails ActionPack Inline ERB代码执行漏洞(CVE-2016-2098) 新增：23818 Spring Boot框架SPEL表达式注入漏洞修改：41086 木马后门程序 China Chopper asp WebShell控制命令修改：41085 木马后门程序China Chopper aspx WebShell 控制命令修改：41088 木马后门程序 China Chopper php WebShell控制命令注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added：23816 Ruby on Rails ActionPack Inline ERB Code Execution Vulnerability(CVE-2016-2098) Added：23818 Spring Boot Framework SPEL Expressions Injection Vulnerability Modified：41086 Suspicious Webshell China Chopper asp Control Command Modified：41085 Suspicious Webshell China Chopper aspx Control Command Modified：41087 Suspicious Webshell China Chopper php Control Command
发布时间：2016-07-14 16:59:03

名称： eoi.unify.rulepatch.5.6.7.587.rule	版本：5.6.7.587
MD5：6ad527cb4917787b8e59146d8bdf6836	大小：10.72M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.587。该升级包新增/改进的规则有: 新增：23817 wget下载重定向任意文件写入漏洞(CVE-2016-4971) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23817 wget Download Redirection Arbitrary Files Written Vulnerability(CVE-2016-4971)
发布时间：2016-07-12 18:02:45

名称： eoi.unify.rulepatch.5.6.7.585.rule	版本：5.6.7.585
MD5：e0b78f995319f7109b7e21a04e98c7a3	大小：10.71M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.585。该升级包新增/改进的规则有: 新增：23805 MyLittleForum v2.3.5 PHP命令注入漏洞新增：23806 木马后门程序JSP一句话木马注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23805 MyLittleForum v2.3.5 PHP Command Injection Vulnerability Added: 23806 Trojan/Backdoor General JSP trojan
发布时间：2016-07-07 15:11:40

名称： eoi.unify.rulepatch.5.6.7.584.rule	版本：5.6.7.584
MD5：fece777bff7c2dab09dddb497b2776f6	大小：10.71M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.584。该升级包新增/改进的规则有: 新增：23803 Wolfcms 0.8.2 任意PHP文件上传漏洞新增：23802 SAP NetWeaver Java AS XXE注入漏洞(CVE-2016-3974) 新增：23797 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-0199)(MS16-063) 新增：23796 phpwind哈希长度扩展攻击新增：23798 Microsoft Edge 安全功能绕过漏洞(CVE-2016-3198)(MS16-068) 新增：23799 Microsoft Edge 内存破坏漏洞(CVE-2016-3222)(MS16-068) 修改：41086 木马后门程序 China Chopper asp WebShell控制命令修改：41085 木马后门程序China Chopper aspx WebShell 控制命令修改：41088 木马后门程序 China Chopper php WebShell控制命令注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23803 Wolfcms 0.8.2 Arbitrary PHP File Upload Vulnerability Added: 23802 SAP NetWeaver Java AS XXE Injection Vulnerability(CVE-2016-3974) Added: 23797 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2016-0199)(MS16-063) Added: 23796 phpwind hash length attack hashpump getshell Added: 23798 Microsoft Edge Content Security Policy Bypass Vulnerability(CVE-2016-3198)(MS16-068) Added: 23799 Microsoft Edge Memory Corruption Vulnerability(CVE-2016-3222)(MS16-068) Modified：41086 Suspicious Webshell China Chopper asp Control Command Modified：41085 Suspicious Webshell China Chopper aspx Control Command Modified：41087 Suspicious Webshell China Chopper php Control Command
发布时间：2016-06-30 15:28:46

名称： eoi.unify.rulepatch.5.6.7.583.rule	版本：5.6.7.583
MD5：c87d54aefa342d1505e2d224088d3823	大小：10.70M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.583。该升级包新增/改进的规则有: 新增：23788 ESC 8832 Data Controller会话劫持漏洞新增：23789 Paessler PRTG Network Monitor本地文件读取漏洞新增：23790 Apache Continuum 1.4.2任意命令执行漏洞新增：23793 Microsoft Internet Explorer Scripting Engine远程内存破坏漏洞(CVE-2016-3210) 新增：23791 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-0200) 新增：23792 Microsoft Edge脚本引擎内存破坏漏洞(CVE-2016-3199) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23788 ESC 8832 Data Controller Session Hijack Vulnerability Added: 23789 Paessler PRTG Network Monitor 14.4.12.3282 XXE Injection Added: 23790 Apache Continuum 1.4.2 Arbitrary Command Execution Vulnerability Added: 23793 Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability(CVE-2016-3210) Added: 23791 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2016-0200) Added: 23792 Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability(CVE-2016-3199)
发布时间：2016-06-23 16:10:32

名称： eoi.unify.rulepatch.5.6.7.582.rule	版本：5.6.7.582
MD5：4850e19c9c1d829a7784c91dac519a0f	大小：10.71M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.582。该升级包新增/改进的规则有: 新增：23795 Microsoft Windows WPAD权限提升漏洞(BadTunnel漏洞) (CVE-2016-3213)(MS16-063)(MS16-077) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23795 Microsoft Windows WPAD Privilege Escalation Vulnerability(BadTunnel) (CVE-2016-3213)(MS16-063)(MS16-077)
发布时间：2016-06-17 21:38:17

名称： eoi.unify.rulepatch.5.6.7.580.rule	版本：5.6.7.580
MD5：178ea1488f7a819b5651dbf62ac8baaf	大小：10.70M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.580。该升级包新增/改进的规则有: 新增：23794 Apache Struts远程代码执行漏洞(S2-033)(S2-037) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23794 Apache Struts Remote Code Execute Vulnerability(S2-033)(S2-037)
发布时间：2016-06-16 15:15:51

名称： eoi.unify.rulepatch.5.6.7.578.rule	版本：5.6.7.578
MD5：cc2248d757b6402e2cbde758a733c551	大小：10.70M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.578。该升级包新增/改进的规则有: 新增：23784 JobScript远程代码执行漏洞新增：23785 HP Data Protector A.09.00任意命令执行漏洞新增：23786 Real Estate Portal v4.1远程代码执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23784 JobScript Remote Code Execution Vulnerability Added: 23785 HP Data Protector A.09.00 Arbitrary Command Execution Vulnerability Added: 23786 Real Estate Portal v4.1 Remote Code Execution Vulnerability
发布时间：2016-06-09 16:09:14

名称： eoi.unify.rulepatch.5.6.7.577.rule	版本：5.6.7.577
MD5：efb504d88b85f3600e2303d1a61f858b	大小：10.69M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.577。该升级包新增/改进的规则有: 修改：23777 GraphicsMagick和ImageMagick远程命令执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 23777 GraphicsMagick and ImageMagick Remote code execution vulnerability
发布时间：2016-05-31 18:12:56

名称： eoi.unify.rulepatch.5.6.7.575.rule	版本：5.6.7.575
MD5：9e8a65c243676f5d874b7b9c843c28ef	大小：10.67M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.575。该升级包新增/改进的规则有: 新增：23782 Microsoft IE/Edge内存破坏漏洞(CVE-2016-0192)(MS16-052/051) 修改：22796 Apache Struts多个前缀参数远程代码执行漏洞(CVE-2013-2251) 修改：21374 Apache Struts远程命令执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23782 Microsoft IE/Edge Memory Corruption Vulnerability(CVE-2016-0192)(MS16-052/051) Modified: 22796 Apache Struts Remote Code Execution(CVE-2013-2251) Modified: 21374 Apache Struts Remote Command Execution Vulnerability
发布时间：2016-05-26 15:33:00

名称： eoi.unify.rulepatch.5.6.7.574.rule	版本：5.6.7.574
MD5：55351f92c064bf7862b3c0676987d1d5	大小：10.67M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.574。该升级包新增/改进的规则有: 新增：23778 Microsoft Edge脚本引擎内存破坏漏洞(CVE-2016-0191)(MS16-052) 新增：23779 Microsoft Edge脚本引擎内存破坏漏洞(CVE-2016-0193)(MS16-052) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23778 Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability(CVE-2016-0191)(MS16-052) Added: 23779 Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability(CVE-2016-0193)(MS16-052)
发布时间：2016-05-19 16:42:04

名称： eoi.unify.rulepatch.5.6.7.573.rule	版本：5.6.7.573
MD5：a608f7a5c81c605817a77e30c23ec82f	大小：10.60M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.573。该升级包新增/改进的规则有: 新增：41355 Qakbot恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41355 Qakbot malicious communication
发布时间：2016-05-13 14:13:41

名称： eoi.unify.rulepatch.5.6.7.572.rule	版本：5.6.7.572
MD5：e528a5eb02cf5712ccb67b294b8015e0	大小：10.60M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.109上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.572。该升级包新增/改进的规则有: 修改：23777 ImageMagick远程命令执行漏洞(CVE-2016-3714) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.109.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 23777 ImageMagick Remote code execution vulnerability(CVE-2016-3714)
发布时间：2016-05-06 13:29:55

名称： eoi.unify.rulepatch.5.6.7.571.rule	版本：5.6.7.571
MD5：a365c5564a5249946cc7112a6ea52bb4	大小：10.60M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.571。该升级包新增/改进的规则有: 新增：23777 ImageMagick远程命令执行漏洞(CVE-2016-3714) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23777 ImageMagick Remote code execution vulnerability(CVE-2016-3714)
发布时间：2016-05-05 21:28:16

名称： eoi.unify.rulepatch.5.6.7.570.rule	版本：5.6.7.570
MD5：bf0d787170a8415b0eee89b219317c0f	大小：10.60M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.570。该升级包新增/改进的规则有: 新增：23772 Microsoft Edge 内存破坏漏洞(CVE-2016-0155)(MS16-038) 新增：23773 Advantech WebAccess Dashboard Viewer文件上传漏洞新增：23774 Microsoft Edge 权限提升漏洞(CVE-2016-0158)(MS16-038) 新增：23775 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-0164)(MS16-037) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23772 Microsoft Edge Memory Corruption Vulnerability(CVE-2016-0155)(MS16-038) Added: 23773 Advantech WebAccess Dashboard Viewer Arbitrary File Upload Vulnerability Added: 23774 Microsoft Edge Remote Privilege Escalation Vulnerability(CVE-2016-0158)(MS16-038) Added: 23775 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2016-0164)(MS16-037)
发布时间：2016-05-05 16:32:21

名称： eoi.unify.rulepatch.5.6.7.569.rule	版本：5.6.7.569
MD5：2ea57dbf671c60f86f33717116a5a804	大小：10.58M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.569。该升级包新增/改进的规则有: 新增：23763 WordPress Robo Gallery 2.0.14代码执行漏洞新增：23764 Joomla SimpleImageUpload任意文件上传漏洞新增：23767 Oracle Application Testing Suite UploadFileAction Servlet远程代码执行漏洞新增：23768 PostScript畸形文件头缓冲区溢出漏洞新增：23769 论坛杀手(Net-Worm.Perl.Santy.a)蠕虫病毒攻击新增：23770 Adobe Flash缓冲区溢出漏洞新增：41347 C99 PHP Webshell访问新增：23766 Dell KACE K1000文件上传漏洞修改: 21374 Apache Struts远程命令执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23763 WordPress Robo Gallery 2.0.14 Code Execution Vulnerability Added: 23764 Joomla SimpleImageUpload Arbitrary File Upload Vulnerability Added: 23767 Oracle Application Testing Suite UploadFileAction Servlet Remote Code Execution Vulnerability Added: 23768 PostScript Malformed File Header Buffer Overflow Vulnerability Added: 23769 Net-Worm.Perl.Santy.a Attacking Added: 23770 Adobe Flash Buffer Overflow Vulnerability Added: 41347 C99 PHP Webshell Access Added: 23766 Dell KACE K1000 File Upload Vulnerability Modified: 21374 Apache Struts Remote Command Execution Vulnerability
发布时间：2016-04-27 21:51:48

名称： eoi.unify.rulepatch.5.6.7.567.rule	版本：5.6.7.567
MD5：ecf6641d3ce74e37808cbd69e6e1db1e	大小：10.58M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.567。该升级包新增/改进的规则有: 新增：41348 黑暗幽灵木马恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41348 Trojan DCM malicious communication
发布时间：2016-04-20 23:38:45

名称： eoi.unify.rulepatch.5.6.7.565.rule	版本：5.6.7.565
MD5：439953f544f2d4dc2a56945a589f55f6	大小：10.57M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.565。该升级包新增/改进的规则有: 新增：23761 MeshCMS 3.6远程命令执行漏洞新增：23762 Wordpress Plugin HB Audio Gallery Lite 任意文件下载漏洞修改：41339 Locky 勒索软件恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23761 MeshCMS 3.6 Remote Command Execution Vulnerability Added: 23762 Wordpress Plugin HB Audio Gallery Lite Arbitrary File Download Vulnerability Modified: 41339 Locky ransomeware malicious communication
发布时间：2016-04-14 17:10:33

名称： eoi.unify.rulepatch.5.6.7.564.rule	版本：5.6.7.564
MD5：fe44375a8d4d85101f3252fd68fffa95	大小：10.57M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.564。该升级包新增/改进的规则有: 新增：23757 Apache Jetspeed目录穿越漏洞新增：23758 Apache Jetspeed用户管理REST API未授权访问漏洞新增：23756 多种安防监控系统存在远程代码执行漏洞新增：23755 Sysax Multi Server 6.50 HTTP文件共享SEH溢出RCE利用新增：41340 疑似恶意勒索软件通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23757 Apache Jetspeed Directory Traversal Vulnerabiliy Added: 23758 Apache Jetspeed User Manager REST API Unauthorized Access Vulnerability Added: 23756 Multiple CCTV-DVR Systems Remote Command Execution Vulnerability Added: 23755 Sysax Multi Server 6.50 HTTP File Share SEH Overflow RCE Exploit Added: 41340 Suspicious Malicious Ransomware Communication
发布时间：2016-04-07 15:50:00

名称： eoi.unify.rulepatch.5.6.7.563.rule	版本：5.6.7.563
MD5：76d2e49dab9ba23f310530a350612d65	大小：10.57M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.563。该升级包新增/改进的规则有: 新增：41341 僵尸网络程序KTN-RM(Linux/Remaiten)连接服务器注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41341 Botnet Malware KTN-RM(Linux/Remaiten) Connecting to the Server
发布时间：2016-04-01 21:18:28

名称： eoi.unify.rulepatch.5.6.7.561.rule	版本：5.6.7.561
MD5：f8e7c3710274951cd6d778f45d373222	大小：10.56M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.561。该升级包新增/改进的规则有: 修改: 40382 DDOS工具Mstream主控端探测分布端新增: 41336 远程控制工具PSEXEC建立连接新增: 23752 Wordpress Site Import Plugin 1.0.1本地和远程文件包含漏洞新增: 23753 Microsoft Office畸形EPS文件漏洞(CVE-2015-2545)(MS15-099) 新增: 23754 Zenphoto 1.4.11远程文件包含漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 40382 DDOS Tool Mstream Console and Distributed End Detection Added: 41336 Remote Control Tool PSEXEC Establish Connections Added: 23752 Wordpress Site Import Plugin 1.0.1 Local and Remote File Inclusion Vulnerability Added: 23753 Microsoft Office Malformed EPS File Vulnerability(CVE-2015-2545)(MS15-099) Added: 23754 Zenphoto 1.4.11 Remote File Inclusion Vulnerability
发布时间：2016-03-31 16:23:52

名称： eoi.unify.rulepatch.5.6.7.560.rule	版本：5.6.7.560
MD5：7941e819544eaacd2f96e4529fc3df78	大小：10.56M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.560。该升级包新增/改进的规则有: 修改: 41339 Locky 勒索软件恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modify: 41339 Locky ransomeware malicious communication
发布时间：2016-03-24 21:18:40

名称： eoi.unify.rulepatch.5.6.7.559.rule	版本：5.6.7.559
MD5：f181d2164bfc4410dde7f1b40cbe1505	大小：10.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.559。该升级包新增/改进的规则有: 新增: 41339 Locky 勒索软件恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41339 Locky ransomeware malicious communication
发布时间：2016-03-23 23:18:21

名称： eoi.unify.rulepatch.5.6.7.557.rule	版本：5.6.7.557
MD5：2a3a97fab920476b23ea73835e4e6bcf	大小：10.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.557。该升级包新增/改进的规则有：新增: 23751 Microsoft Edge内存破坏漏洞(CVE-2016-0124)(MS16-024) 新增: 23741 Microsoft 浏览器内存破坏漏洞(CVE-2016-0110) 新增: 23746 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-0111)(MS16-023) 新增: 23747 Microsoft Internet Explorer SNeighborPosi释放后重利用远程代码执行漏洞(CVE-2016-0109)(MS16-023) 新增: 23745 Microsoft Internet Explorer 10缓冲区溢出漏洞(CVE-2016-0104) 新增: 23743 PHP Utility Belt远程代码执行漏洞新增: 23750 Microsoft Internet Explorer 释放后重利用远程代码执行漏洞(CVE-2016-0114)(MS16-023) 新增: 23749 Microsoft Edge GetLineBoxForReuse远程代码执行漏洞(CVE-2016-0123) (MS16-024) 新增: 23742 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-0113) 新增: 23740 Microsoft 浏览器内存破坏漏洞(CVE-2016-0105) 新增: 23748 Microsoft Internet Explorer setAttribute释放后重利用信息泄露漏洞(CVE-2016-0112)（MS16-023）新增: 23744 Microsoft Internet Explorer CDataset RemoveItem信息泄露漏洞(CVE-2016-0106)(MS16-023) 新增: 23739 Open-Xchange Guard PGP私钥检索信息泄露漏洞(CVE-2015-8542) 新增: 41335 Trojan.Downloader.Rozena 恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23751 Microsoft Edge Memory Corruption Vulnerability(CVE-2016-0124)(MS16-024) Added: 23741 Microsoft Browser Memory Corruption Vulnerability(CVE-2016-0110) Added: 23746 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2016-0111)(MS16-023) Added: 23747 Microsoft Internet Explorer SNeighborPosi Use After Free Remote Code Execution Vulnerability(CVE-2016-0109)(MS16-023) Added: 23745 Microsoft Internet Explorer 10 buffer overflow Vulnerability(CVE-2016-0104) Added: 23743 PHP Utility Belt Remote Code Execution Vulnerability Added: 23750 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability(CVE-2016-0114)(MS16-023) Added: 23749 Microsoft Edge GetLineBoxForReuse Remote Code Execution Vulnerability(CVE-2016-0123) (MS16-024) Added: 23742 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2016-0113) Added: 23740 Microsoft Browser Memory Corruption Vulnerability(CVE-2016-0105) Added: 23748 Microsoft Internet Explorer setAttribute Use After Free Remote Code Execution Vulnerability(CVE-2016-0112)（MS16-023） Added: 23744 Microsoft Internet Explorer CDataset RemoveItem Information Disclosure Vulnerability(CVE-2016-0106)(MS16-023) Added: 23739 Open-Xchange Guard PGP Private Key Retrieval Information Disclosure Vulnerability(CVE-2015-8542) Added: 41335 Trojan.Downloader.Rozena malicious communication
发布时间：2016-03-17 16:30:53

名称： eoi.unify.rulepatch.5.6.7.556.rule	版本：5.6.7.556
MD5：2ccdfffaae6e4a628b562b8961487bf1	大小：10.53M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.556。该升级包新增/改进的规则有：新增: 41329 Trojan.GenericKD.3044676 恶意通信新增: 23735 Cisco ASA Software IKEv1/IKEv2缓冲区溢出漏洞新增: 23734 MetInfo 5.1.7任意文件包含漏洞新增: 41330 Trojan.Win32.Zbot.iuk 恶意通信新增: 23733 D-Link DCS-930L Authenticated 远程命令执行漏洞新增: 10415 Microsoft Network Policy Server RADIUS拒绝服务漏洞(CVE-2016-0050)(MS16-021) 新增: 23736 NETGEAR ProSafe Network Management System 300任意文件上传漏洞(CVE-2016-1525) 新增: 41331 Trojan.Ransom.Bitman.kcp 恶意通信新增: 41332 Trojan.Agent.BQHF 恶意通信新增: 41333 Trojan.Ransom.Bitman.kwk 恶意通信新增: 41334 Trojan.forucon.bme 恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41329 Trojan.GenericKD.3044676 malicious communication Added: 23735 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability Added: 23734 MetInfo 5.1.7 Arbitrary File Inclusion Vulnerability Added: 41330 Trojan.Win32.Zbot.iuk malicious communication Added: 23733 D-Link DCS-930L Authenticated Remote Command Execution Vulnerability Added: 10415 Microsoft Network Policy Server RADIUS Denial of Service Vulnerability(CVE-2016-0050)(MS16-021) Added: 23736 NETGEAR ProSafe Network Management System 300 Arbitrary File Upload Vulnerability(CVE-2016-1525) Added: 41331 Trojan.Ransom.Bitman.kcp malicious communication Added: 41332 Trojan.Agent.BQHF malicious communication Added: 41333 Trojan.Ransom.Bitman.kwk malicious communication Added: 41334 Trojan.forucon.bme malicious communication
发布时间：2016-03-10 16:08:14

名称： eoi.unify.rulepatch.5.6.7.555.rule	版本：5.6.7.555
MD5：9babdbc8fa1ef864c62f4367b47b3773	大小：10.53M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.555。该升级包新增/改进的规则有：新增: 23737 OpenSSl SSLv2 DROWN攻击(CVE-2016-0800) 新增: 23738 Jenkins Java反序列化漏洞(CVE-2016-0792) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23737 OpenSSl SSLv2 DROWN Attack(CVE-2016-0800) Added: 23738 Jenkins Java Unserialization Vulnerability(CVE-2016-0792)
发布时间：2016-03-02 22:42:53

名称： eoi.unify.rulepatch.5.6.7.553.rule	版本：5.6.7.553
MD5：62964952ce5cb30a009c4f8d8a7cde8b	大小：10.53M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.553。该升级包新增/改进的规则有：新增: 23729 Microsoft IE远程内存破坏漏洞(CVE-2016-0063) 新增: 41328 DNS回应包长度异常新增: 23730 Microsoft Internet Explorer内存破坏漏洞(CVE-2016-0067)(MS16-009) 新增: 23731 Microsoft Browser IE内存破坏漏洞(CVE-2016-0060) 新增: 23732 Microsoft Edge ASLR 绕过漏洞(CVE-2016-0080) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23729 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2016-0063) Added:41328 DNS Response Packet Overlong Added:23730 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2016-0067)(MS16-009) Added:23731 Microsoft Browser IE Memory Corruption Vulnerability(CVE-2016-0060) Added:23732 Microsoft Edge ASLR Bypass Vulnerability(CVE-2016-0080)
发布时间：2016-02-25 16:26:32

名称： eoi.unify.rulepatch.5.6.7.552.rule	版本：5.6.7.552
MD5：068f7fc82af25a3b8dd48361727c0dc4	大小：10.52M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.552。该升级包新增/改进的规则有：新增: 41327 Trojan.GenericKD.2994738 恶意通信新增: 41323 Trojan.Win32.Zlader 恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41327 Trojan.GenericKD.2994738 malicious communication Added: 41323 Trojan.Win32.Zlader malicious communication
发布时间：2016-02-18 15:48:22

名称： eoi.unify.rulepatch.5.6.7.551.rule	版本：5.6.7.551
MD5：b6cec9ea8061064750b07699b23303d7	大小：10.52M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.551。该升级包新增/改进的规则有：新增: 41322 Trojan.GenericKD.2994078 恶意通信新增: 41326 Trojan.Heur.LP.aq5@a0xTOg 恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41322 Trojan.GenericKD.2994078 malicious communication Added: 41326 Trojan.Heur.LP.aq5@a0xTOg malicious communication
发布时间：2016-02-11 13:37:08

名称： eoi.unify.rulepatch.5.6.7.550.rule	版本：5.6.7.550
MD5：41226afd2aff19f387a6b47cd8c868e7	大小：10.52M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.550。该升级包新增/改进的规则有：新增: 30684 联想茄子快传 ShareIT 信息泄露漏洞新增: 41324 Trojan.GenericKD.2993536 恶意通信新增: 41325 Trojan.GenericKD.2998289 恶意通信新增: 10413 HTML5 history.pushState拒绝服务攻击注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 30684 Lenovo ShareIT Information Disclosure Added: 41324 Trojan.GenericKD.2993536 malicious communication Added: 41325 Trojan.GenericKD.2998289 malicious communication Added: 10413 HTML5 history.pushState Denial of Service Attack
发布时间：2016-02-04 12:22:10

名称： eoi.unify.rulepatch.5.6.7.549.rule	版本：5.6.7.549
MD5：101a1733dbe4f1ba002f80fd90889b3d	大小：10.52M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.549。该升级包新增/改进的规则有：新增: 23727 Gwolle Guestbook WordPress插件远程文件包含漏洞(CVE-2015-8351) 新增: 41320 Trojan.GenericKD.2984067 恶意通信新增: 41317 Trojan.Win32.Banker.qeo 恶意通信新增: 41318 Trojan.Agent.BPSY 恶意通信新增: 41319 Trojan.GenericKD.2986749 恶意通信新增: 41312 Trojan.Win32.Banker.kqr 恶意通信新增: 41321 Trojan.GenericKD.2986731 恶意通信新增: 41313 Trojan.Win32.Banker.lgb 恶意通信新增: 41314 Trojan.Win32.Banker.kxq 恶意通信新增: 41315 Trojan.Win32.Banker.mir 恶意通信新增: 41316 Trojan.Win32.Banker.3693056 恶意通信新增: 23726 owncloud信息泄露漏洞(CVE-2015-1499) 新增: 41310 Bill Gates僵尸网络通讯新增: 23724 SevOne NMS Remote Root利用新增: 23725 应用服务器glassfish任意文件读取漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23727 WordPress Gwolle Guestbook Plugin Remote File Inclusion (CVE-2015-8351) Added: 41320 Trojan.GenericKD.2984067 malicious communication Added: 41317 Trojan.Win32.Banker.qeo malicious communication Added: 41318 Trojan.Agent.BPSY malicious communication Added: 41319 Trojan.GenericKD.2986749 malicious communication Added: 41312 Trojan.Win32.Banker.kqr malicious communication Added: 41321 Trojan.GenericKD.2986731 malicious communication Added: 41313 Trojan.Win32.Banker.lgb malicious communication Added: 41314 Trojan.Win32.Banker.kxq malicious communication Added: 41315 Trojan.Win32.Banker.mir malicious communication Added: 41316 Trojan.Win32.Banker.3693056 malicious communication Added: 23726 owncloud Information Disclosure Vulnerability (CVE-2015-1499) Added: 41310 Bill Gates BotNet Communication Added: 23724 SevOne NMS Remote Root Exploit Added: 23725 Application server Glassfish Directory Traversal Vulnerability
发布时间：2016-01-28 17:10:33

名称： eoi.unify.rulepatch.5.6.7.548.rule	版本：5.6.7.548
MD5：f4dd703d64028ff43bf26c5e0e8cc235	大小：10.50M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.548。该升级包新增/改进的规则有：新增: 23723 Ipswitch WhatsUp Gold 远程代码执行漏洞新增: 23721 Microsoft Edge TextData类型混淆信息泄露漏洞(CVE-2016-0003)(MS16-002) 新增: 23720 D-Link DCS-931L文件上传漏洞新增: 41299 Backdoor.Win32.Androm.izgs 恶意通信新增: 41300 Trojan.GenericKD.2972491 恶意通信新增: 41301 Trojan.GenericKD.2971542 恶意通信新增: 41302 Trojan.Win32.Banker.acvi 恶意通信新增: 41303 Trojan.Strictor.24290 恶意通信新增: 41304 Trojan.Heur.PT.FmJdbCI2YAk 恶意通信新增: 41305 Trojan.GenericKD.2972826 恶意通信新增: 41306 Backdoor.Win32.Zegost.msysn 恶意通信新增: 41307 Trojan-Banker.Win32.BestaFera.git 恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23723 Ipswitch WhatsUp Gold Remote Code Execution Vulnerability Added: 23721 Microsoft Edge Memory Corruption Vulnerability(CVE-2016-0003)(MS16-002) Added: 23720 D-Link DCS-931L File Upload Vulnerability Added: 41299 Backdoor.Win32.Androm.izgs malicious communication Added: 41300 Trojan.GenericKD.2972491 malicious communication Added: 41301 Trojan.GenericKD.2971542 malicious communication Added: 41302 Trojan.Win32.Banker.acvi malicious communication Added: 41303 Trojan.Strictor.24290 malicious communication Added: 41304 Trojan.Heur.PT.FmJdbCI2YAk malicious communication Added: 41305 Trojan.GenericKD.2972826 malicious communication Added: 41306 Backdoor.Win32.Zegost.msysn malicious communication Added: 41307 Trojan-Banker.Win32.BestaFera.git malicious communication
发布时间：2016-01-21 15:21:55

名称： eoi.unify.rulepatch.5.6.7.547.rule	版本：5.6.7.547
MD5：57cf140508c1b03a79c4142f11c33620	大小：10.50M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.547。该升级包新增/改进的规则有：新增: 41309 黑暗力量(Black Energy)木马通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.107.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41309 Trojan.BlackEnergy Communication
发布时间：2016-01-16 12:14:02

名称： eoi.unify.rulepatch.5.6.7.545.rule	版本：5.6.7.545
MD5：0c32061db856d41fb8dc047bb504cbac	大小：10.49M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.107上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.545。该升级包新增/改进的规则有：新增: 41297 Trojan.GenericKD.2942632 收集信息新增: 41298 Trojan.GenericKD.2942632 获取恶意文件注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41297 Trojan.GenericKD.2942632 collect info Added: 41298 Trojan.GenericKD.2942632 get malicious files
发布时间：2016-01-14 17:44:09

名称： eoi.unify.rulepatch.5.6.7.544.rule	版本：5.6.7.544
MD5：5b286837f2471113073c2a144c7cf76a	大小：10.48M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.544。该升级包新增/改进的规则有：修改: 23580 Zpanel 10.1.0未经身份验证远程代码执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 23580 Zpanel 10.1.0 Remote Unauthenticated Code Execution Vulnerability
发布时间：2016-01-07 14:20:22

名称： eoi.unify.rulepatch.5.6.7.543.rule	版本：5.6.7.543
MD5：c1401657e04b3303d21ff990194fd4dd	大小：10.48M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.543。该升级包新增/改进的规则有：新增: 41295 Worm.Win32.Viking.4125C284 恶意通信新增: 41296 Worm.Brontok.A 恶意通信修改: 23614 Oracle Weblogic Server Java反序列化漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41295 Worm.Win32.Viking.4125C284 malicious communication Added: 41296 Worm.Brontok.A malicious communication Modified: 23614 Oracle Weblogic Server Java Unserialization Vulnerability
发布时间：2015-12-31 16:26:10

名称： eoi.unify.rulepatch.5.6.7.542.rule	版本：5.6.7.542
MD5：e4b8c6a32f72979b49b04896848d34fa	大小：10.48M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.542。该升级包新增/改进的规则有：新增：23684 Juniper NetScreenOS系统未授权登录后门新增：41291 Trojan.Kazy.290327 恶意通信新增：41290 Trojan.Generic.8406478 恶意通信新增：41292 Trojan.Variant.Symmi.13690 恶意通信新增：41293 Worm.Win32.Viking.bb 恶意通信新增：23680 Microsoft Edge 权限提升漏洞(CVE-2015-6170)(MS15-125) 新增：23676 Microsoft IE 脚本引擎内存破坏漏洞(CVE-2015-6136)(MS15-124) 新增：23678 Microsoft IE 远程内存破坏漏洞(CVE-2015-6150)(MS15-124) 新增：23671 Microsoft IE 远程内存破坏漏洞(CVE-2015-6147)(MS15-124) 新增：23679 Microsoft IE 远程内存破坏漏洞(CVE-2015-6156)(MS15-124) 新增：23672 Microsoft IE 远程内存破坏漏洞(CVE-2015-6152)(MS15-124) 新增：23673 Microsoft IE及Edge远程内存破坏漏洞(CVE-2015-6159)(MS15-125) 新增：23665 Microsoft Internet Explorer 内存破坏漏洞(CVE-2015-6134) 新增：23675 Microsoft Windows信息泄露漏洞(CVE-2015-6127) 新增：23667 Microsoft IE 远程内存破坏漏洞(CVE-2015-6149)(MS15-124) 新增：23668 Microsoft IE及Edge远程内存破坏漏洞(CVE-2015-6154)(MS15-125) 新增：23669 Microsoft IE Mutation Observer释放后重利用远程代码执行漏洞(CVE-2015-6160)(MS15-124) 新增：23670 Microsoft IE/Edge 远程内存破坏漏洞(CVE-2015-6140)(MS15-124) 新增：23666 Microsoft IE/Edge 远程内存破坏漏洞(MS15-124) 新增：23674 Microsoft Internet Explorer 内存损坏漏洞(CVE-2015-6083)(MS15-124) 新增：41289 Android AndroidKungFu Malware 命令控制新增：41288 Worm.Win32.Viking.mi 新增：23663 F5 iControl iCall Script Root命令执行漏洞(CVE-2015-3628) 新增：23664 phpFileManager 0.9.8远程代码执行漏洞(CVE-2015-5958) 新增：23660 Atlassian HipChat for Jira插件快速模板注入漏洞(CVE-2015-5603) 新增：23661 Piwigo install.php脚本目录遍历漏洞新增：23659 多个ManageEngine产品任意文件上传漏洞（CVE-2014-5006）新增：23681 ManageEngine Desktop Central 9 文件上传Servlet ConnectionId 漏洞(CVE-2015-8249) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23684 Juniper NetScreenOS System Backdoor Authentication Backdoor Added: 41291 Trojan.Kazy.290327 malicious communication Added: 41290 Trojan.Generic.8406478 malicious communication Added: 41292 Trojan.Variant.Symmi.13690 malicious communication Added: 41293 Worm.Win32.Viking.bb malicious communication Added: 23680 Microsoft Edge Elevated Privileges Vulnerability(CVE-2015-6170)(MS15-125) Added: 23676 Microsoft IE Script Engine Memory Corruption Vulnerability(CVE-2015-6136)(MS15-124) Added: 23678 Microsoft IE Remote Memory Corruption Vulnerability(CVE-2015-6150)(MS15-124) Added: 23671 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-6147)(MS15-124) Added: 23679 Microsoft IE Remote Memory Corruption Vulnerability(CVE-2015-6156)(MS15-124) Added: 23672 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-6152)(MS15-124) Added: 23673 Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability(CVE-2015-6159)(MS15-125) Added: 23665 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-6134) Added: 23675 Microsoft Windows Information Disclosure Vulnerability(CVE-2015-6127) Added: 23667 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-6149)(ms15-124) Added: 23668 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-6154)(ms15-125) Added: 23669 Microsoft IE Mutation Observer Use After Free Remote Code Execution Vulnerability(CVE-2015-6160)(MS15-124) Added: 23670 Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability(CVE-2015-6140)(MS15-124) Added: 23666 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(ms15-124) Added: 23674 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6083)(MS15-124) Added: 41289 Android AndroidKungFu Malware Command and Control Added: 41288 Worm.Win32.Viking.mi Added: 23663 F5 iControl iCall Script Root Command Execution Vulnerability(CVE-2015-3628) Added: 23664 phpFileManager 0.9.8 Remote Command Execution Vulnerability(CVE-2015-5958) Added: 23660 Atlassian HipChat for Jira Plugin Velocity Template Injection Vulnerability(CVE-2015-5603) Added: 23661 Piwigo install.php Script Path Traversal Vulnerability Added: 23659 ManageEngine Desktop Central StatusUpdate Arbitrary File Upload(CVE-2014-5006) Added: 23681 ManageEngine Desktop Central 9 FileUploadServlet ConnectionId Vulnerability(CVE-2015-8249)
发布时间：2015-12-22 15:10:47

名称： eoi.unify.rulepatch.5.6.7.540.rule	版本：5.6.7.540
MD5：e9175962765db2f6be16d924dd31e330	大小：10.48M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.540。该升级包新增/改进的规则有：新增：23682 Joomla反序列化远程命令执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23682 Joomla Unserialize Remote Code Execution Vulnerability
发布时间：2015-12-16 14:47:26

名称： eoi.unify.rulepatch.5.6.7.538.rule	版本：5.6.7.538
MD5：2e1d8adc9f7a4cc08411d6e4573510d0	大小：10.46M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.538。该升级包新增/改进的规则有：新增：23654 Easy File Sharing Web Server 7.2 - 远程溢出漏洞新增：23655 WordPress theme parallelus-salutation任意文件下载漏洞新增：41283 webshell三剑客之jspspy命令执行新增：41284 webshell三剑客之phpspy命令执行新增：41285 Trojan.Dalexis.Gen.1 恶意通信新增：41286 Trojan.Generic.13058195 utilmall 恶意通信新增：41287 Trojan.Generic.13058195 cyutil 恶意通信新增：23656 Oracle BeeHive 2 voice-servlet processEvaluation()漏洞新增：23657 Limesurvey Unauthenticated文件下载漏洞修改：40297 Web服务"../"路径串目录遍历攻击注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23654 Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow Added:23655 WordPress theme parallelus-salutation Arbitrary File Download Vulnerability Added:41283 webshell The Three Musketeers (jspspy Command Execution) Added:41284 webshell ( The Three Musketeers) phpspy Command Execution Added:41285 Trojan.Dalexis.Gen.1 malicious communication Added:41286 Trojan.Generic.13058195 utilmall malicious communication Added:41287 Trojan.Generic.13058195 cyutil malicious communication Added:23656 Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability Added:23657 Limesurvey Unauthenticated File Download Vulnerability Modified:40297 Web Service Directory Traversal Attack
发布时间：2015-12-10 14:40:33

名称： eoi.unify.rulepatch.5.6.7.537.rule	版本：5.6.7.537
MD5：d2ef9a2748b23f9fcbc5ebbbde55039d	大小：10.45M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.537。该升级包新增/改进的规则有：新增：23615 Joomla com_autostand文件上传漏洞新增：23616 Joomla com_media远程代码执行漏洞新增：41281 Trojan.IPZ.7 获取恶意信息新增：41282 Trojan.Win32.Teslacrypt.380928 获取恶意信息注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added：23615 Joomla com_autostand File Upload Vulnerability Added：23616 Joomla com_media Remote File Upload Vulnerability Added：41281 Trojan.IPZ.7 Get malicious info Added：41282 Trojan.Win32.Teslacrypt.380928 Get malicious info
发布时间：2015-12-03 16:58:06

名称： eoi.unify.rulepatch.5.6.7.536.rule	版本：5.6.7.536
MD5：3417356f7fd40162224585d7975a935b	大小：10.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.536。该升级包新增/改进的规则有：新增：23612 Jboss JMX Java反序列化漏洞新增：41280 Trojan.Filecoder.gr.nl 勒索软件新增：23614 Oracle Weblogic Server Java反序列化漏洞新增：23613 IBM Websphere Java反序列化漏洞新增：41278 Trojan.MSIL.NetSeal 恶意通信新增：41279 Trojan.Win32.Fareit.gi 恶意通信新增：23605 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6066)(MS15-112) 新增：23606 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6070)(MS15-112) 新增：23607 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6071)(MS15-112) 新增：23604 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6065)(MS15-112) 新增：23608 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6075)(MS15-112) 新增：23609 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6076)(MS15-112) 新增：23610 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6078)(MS15-112) 新增：23603 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6064)(MS15-112) 修改: 22486 PhpTax pfilez Parameter Exec 远程代码注入漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added：23612 Jboss JMX Java Unserialization Vulnerability Added：41280 Trojan.Filecoder.gr.nl Nransomware Added：23614 Oracle Weblogic Server Java Unserialization Vulnerability Added：23613 IBM Websphere Java Unserialization Vulnerability Added：41278 Trojan.MSIL.NetSeal malicious communication Added：41279 Trojan.Win32.Fareit.gi malicious communication Added：23605 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6066)(MS15-112) Added：23606 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6070)(MS15-112) Added：23607 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6071)(MS15-112) Added：23604 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6065)(MS15-112) Added：23608 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6075)(MS15-112) Added：23609 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6076)(MS15-112) Added：23610 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6078)(MS15-112) Added：23603 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6064)(MS15-112) Modified: 22486 PhpTax pfilez Parameter Exec Remote Code Injection
发布时间：2015-11-26 14:06:22

名称： eoi.unify.rulepatch.5.6.7.535.rule	版本：5.6.7.535
MD5：32e7d9e5001544fce99f3cc1ab7c0724	大小：10.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.535。该升级包新增/改进的规则有：新增：23593 Apache Jackrabbit XML外部实体信息泄露漏洞新增：23595 Huawei HG532路由器路径遍历漏洞新增：23598 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6079)(MS15-112) 新增：23599 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6081)(MS15-112) 新增：23600 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-6084)(MS15-112) 新增：23601 Microsoft Internet Explorer ASLR绕过漏洞(CVE-2015-6088)(MS15-112) 新增：23602 Microsoft Internet Explorer脚本引擎内存破坏漏洞(CVE-2015-6089)(MS15-112) 新增：41277 ZeroAccess 节点恶意流量修改：10388 Apache Tomcat哈希碰撞拒绝服务漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23593 Apache Jackrabbit XML External Entity Information Disclosure Vulnerability Added:23595 Huawei HG532 Router Device Directory Traversal Vulnerability Added:23598 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6079)(MS15-112) Added:23599 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6081)(MS15-112) Added:23600 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6084)(MS15-112) Added:23601 Microsoft Internet Explorer ASLR Bypass Vulnerability(CVE-2015-6088)(MS15-112) Added:23602 Microsoft Internet Explorer Script Engine Memory Corruption Vulnerability(CVE-2015-6089)(MS15-112) Added:41277 ZeroAccess Supernode malicious Traffic Modified:10388 Apache Tomcat Hash Collision Denial of Service Vulnerability
发布时间：2015-11-19 15:47:40

名称： eoi.unify.rulepatch.5.6.7.534.rule	版本：5.6.7.534
MD5：d6cc2d01864e02448caeed75098515b5	大小：10.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.534。该升级包新增/改进的规则有：新增：23597 Redis未授权访问远程获得服务器权限漏洞新增：23594 vBulletin论坛平台预授权远程代码执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23597 Redis Unauthorized Access obtain Remote server permission Vulnerability Added:23594 vBulletin Platform PreAuth Remote Code Execution Vulnerability
发布时间：2015-11-13 15:04:10

名称： eoi.unify.rulepatch.5.6.7.533.rule	版本：5.6.7.533
MD5：b765073b9d94eb70cd1543bfa31dce4c	大小：10.42M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.533。该升级包新增/改进的规则有：新增：23585 Redis 未授权访问漏洞新增：23584 Memcached 未授权访问漏洞新增：23583 articleFR 3.0.7 任意文件读取漏洞新增：41263 Trojan.Mikey.22923 恶意通信新增：41264 Trojan.Win32.Tinba 恶意通信新增：41265 Backdoor.Win32.Pex 恶意通信新增：41261 Trojan.Ransom.CRYPAURA.D 恶意通信新增：41266 Trojan.Win32.Delf.QEZ 恶意通信新增：23582 Th3 MMA mma.php Backdoor任意文件上传漏洞新增：41262 Trojan.Kazy.608877 恶意通信新增：41246 Trojan.Win32.Tepfer.pws 恶意通信新增：41247 Trojan.Dropper.ZAccess.tc 恶意通信新增：23592 WebPagetest多个输入验证漏洞新增：41271 Trojan.Kazy.2137 恶意通信新增：41267 Trojan.Variant.Mikey.27069 勒索软件新增：41268 Trojan.GenericKD.2779333 恶意通信新增：41269 Trojan.Kazy.307404 恶意通信新增：41270 Trojan.W32.Napolar.A 恶意通信新增：41248 Trojan.GenericKD.2829208 恶意通信新增：23586 PHPCMS V9 api.php Authkey 信息泄漏漏洞新增：23587 ThinkPHP framework 任意代码执行漏洞新增：23590 JBoss DeploymentFileRepository代码执行漏洞新增：23591 XODA 任意PHP文件上传漏洞新增：23589 Mongodb未授权访问漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23585 Redis Unauthorized Access Vulnerability Added:23584 Memcached Unauthorized Access Vulnerability Added:23583 articleFR 3.0.7 Arbitrary File Read Added:41263 Trojan.Mikey.22923 malicious communication Added:41264 Trojan.Win32.Tinba malicious communication Added:41265 Backdoor.Win32.Pex malicious communication Added:41261 Trojan.Ransom.CRYPAURA.D malicious communication Added:41266 Trojan.Win32.Delf.QEZ malicious communication Added:23582 Th3 MMA mma.php Backdoor Arbitrary File Upload Vulnerability Added:41262 Trojan.Kazy.608877 malicious communication Added:41246 Trojan.Win32.Tepfer.pws malicious communication Added:41247 Trojan.Dropper.ZAccess.tc malicious communication Added:23592 WebPagetest Multiple File Upload Vulnerability Added:41271 Trojan.Kazy.2137 malicious communication Added:41267 Trojan.Variant.Mikey.27069 Nransomware Added:41268 Trojan.GenericKD.2779333 malicious communication Added:41269 Trojan.Kazy.307404 malicious communication Added:41270 Trojan.W32.Napolar.A malicious communication Added:41248 Trojan.GenericKD.2829208 malicious communication Added:23586 PHPCMS V9 api.php Authkey Information Disclosure Vulnerability Added:23587 ThinkPHP framework Code Execution Added:23590 JBoss DeploymentFileRepository Code Execution Added:23591 XODA Arbitrary PHP File Upload Vulnerability Added:23589 Mongodb Unauthorized Access Vulnerability
发布时间：2015-11-12 14:26:07

名称： eoi.unify.rulepatch.5.6.7.532.rule	版本：5.6.7.532
MD5：aeac723232e42e2edb6fa84127f151c6	大小：10.42M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.532。该升级包新增/改进的规则有：新增：41275 百度moplus SDK虫洞(WormHole)漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:41275 Baidu moplus SDK WormHole Vulnerability
发布时间：2015-11-05 15:45:47

名称： eoi.unify.rulepatch.5.6.7.530.rule	版本：5.6.7.530
MD5：69655bdac0882ccffa76780bce5fedb7	大小：10.41M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.530。该升级包新增/改进的规则有：新增：41259 BackDoor.Ircbot发送本机数据新增：41260 Trojan.Variant.Graftor.247439恶意通信新增：23580 Zpanel 10.1.0未经身份验证远程代码执行漏洞新增：23579 Elasticsearch 目录遍历漏洞新增：23581 Belkin N150目录遍历漏洞新增：41250 Trojan.Variant.Mikey.23662获取恶意信息新增：41255 Trojan.Generic.15041907恶意通信新增：41254 TrojanClicker.Autoit访问恶意网址新增：41251 Trojan.Variant.Mikey.23662发送本机数据新增：41252 Trojan.Win32.LoadMoney恶意通信新增：41258 Trojan.Filecoder.2783034勒索软件新增：41253 Gen.Variant.Graftor.207203恶意通信新增：23578 Nibbleblog文件上传漏洞新增：41256 Packer.Enigma.A恶意通信新增：41257 Trojan.Win32.Autoit恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:41259 BackDoor.Ircbot Send local info Added:41260 Trojan.Variant.Graftor.247439 malicious communication Added:23580 Zpanel 10.1.0 Remote Unauthenticated Code Execution Vulnerability Added:23579 Elasticsearch Path Traversal Vulnerability Added:23581 Belkin Router N150 Path Traversal Added:41250 Trojan.Variant.Mikey.23662Get malicious info Added:41255 Trojan.Generic.15041907 malicious communication Added:41254 TrojanClicker.Autoit access malicious website Added:41251 Trojan.Variant.Mikey.23662Send local info Added:41252 Trojan.Win32.LoadMoney malicious communication Added:41258 Trojan.Filecoder.2783034Nransomware Added:41253 Gen.Variant.Graftor.207203 malicious communication Added:23578 Nibbleblog File Upload Vulnerability Added:41256 Packer.Enigma.A malicious communication Added:41257 Trojan.Win32.Autoit malicious communication
发布时间：2015-10-29 15:15:21

名称： eoi.unify.rulepatch.5.6.7.529.rule	版本：5.6.7.529
MD5：60bcf478ecbfa1aade116ce3624ccef3	大小：10.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.529。该升级包新增/改进的规则有：新增：23576 Microsoft Tablet Input Band释放后重利用漏洞(CVE-2015-2548)(MS15-109) 新增：23577 Microsoft Edge XSS过滤器绕过漏洞(CVE-2015-6058)(MS15-106) 新增：23573 Microsoft Internet Explorer 内存破坏漏洞(CVE-2015-6042)(ms15-106) 新增：23571 Microsoft Windows Shell工具栏释放后使用漏洞(CVE-2015-2515)(MS15-109) 新增：23574 Microsoft Internet Explorer 内存破坏漏洞(CVE-2015-6049)(MS15-106) 新增：23572 Microsoft Internet Explorer 内存破坏漏洞(CVE-2015-6048)(MS15-106) 新增：30678 Microsoft Internet Explorer信息泄露漏洞(CVE-2015-6053)(MS15-106) 新增：41244 Gen.Heur.Conjar.11恶意通信新增：23570 F5 BIG-IP和Enterprise Manager 目录遍历漏洞新增：41238 Trojan.Dropper.VBM收集信息新增：30677 BisonWare BisonFTP信息泄露漏洞(CVE-2015-7602) 新增：23565 Kaseya Virtual System Administrator任意文件上传漏洞新增：23566 Simple Backdoor Shell远程代码执行漏洞新增：23567 KaseyaVirtual System远程升级特权(添加主管理员帐户) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23576 Microsoft Tablet Input Band UAF Vulnerability(CVE-2015-2548)(MS15-109) Added: 23577 Microsoft Edge HTTP Response Handler cross site scripting Vulnerability(CVE-2015-6058)(MS15-106) Added: 23573 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-6042)(ms15-106) Added: 23571 Microsoft Windows Shell ToolBar Use After Free Vulnerability(CVE-2015-2515)(MS15-109) Added: 23574 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-6049)(ms15-106) Added: 23572 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-6048)(MS15-106) Added: 30678 Microsoft Internet Explorer Information Disclosure Vulnerability(CVE-2015-6053)(MS15-106) Added: 41244 Gen.Heur.Conjar.11 malicious communication Added: 23570 F5 BIG-IP And Enterprise Manager Path Traversal Vulnerability Added: 41238 Trojan.Dropper.VBM Collect local info Added: 30677 BisonWare BisonFTP Information Disclosure Vulnerability(CVE-2015-7602) Added: 23565 Kaseya Virtual System Administrator Arbitrary File Upload Vulnerability Added: 23566 Simple Backdoor Shell Remote Code Execution Added: 23567 Kaseya Virtual System Remote privilege escalation(add Master Administrator account)
发布时间：2015-10-22 15:26:29

名称： eoi.unify.rulepatch.5.6.7.528.rule	版本：5.6.7.528
MD5：60e466b4d0cb9b91799090db784c9a11	大小：10.41M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.528。该升级包新增/改进的规则有：新增：41237 Trojan.Win32.Tepfer恶意通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41237 Trojan.Win32.Tepfer malicious communication
发布时间：2015-10-15 15:16:02

名称： eoi.unify.rulepatch.5.6.7.527.rule	版本：5.6.7.527
MD5：1750313049e21d6fbb7e5c45652fb0fe	大小：10.41M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.527。该升级包新增/改进的规则有：修改: 20909 Borland InterBase ibserver.exe远程栈缓冲区溢出攻击注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 20909 Borland InterBase ibserver.exe Remote Stack Buffer Overflow
发布时间：2015-10-08 14:12:50

名称： eoi.unify.rulepatch.5.6.7.526.rule	版本：5.6.7.526
MD5：e0531eb0fad46e3a038f58a4b01e1d22	大小：10.41M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.526。该升级包新增/改进的规则有：新增：23557 Mindbite SiteFactory CMS 绝对路径遍历漏洞新增：23559 WordPress eShop插件任意文件覆盖漏洞(CVE-2015-3421) 新增：23556 Octogate UTM 3.0.12 - 管理界面目录遍历漏洞新增：23555 Synology Video Station 1.5-0757命令注入漏洞新增：23561 ManageEngine OpManager远程代码执行漏洞新增：23563 Konica Minolta FTP Utility 1.0远程命令执行新增：41231 Adware.ConvertAd.24 收集本机信息新增：41232 Adware.ConvertAd.24 获取恶意软件(livestatscounter.com) 新增：41233 Adware.ConvertAd.24 获取恶意软件(cloudfront.net) 新增：41234 GenVariant.Jaik.8690 收集本机信息新增：41235 Trojan.Cryptolocker.N勒索软件新增：41236 Trojan.GenericKD.2726293下载恶意文件注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23557 SiteFactory CMS 5.5.9 Directory Traversal Added: 23559 WordPress eShop Plugin Arbitrary File Overwrite Vulnerability(CVE-2015-3421) Added: 23556 Octogate UTM 3.0.12 - Admin Interface Directory Traversal Added: 23555 Synology Video Station 1.5-0757 Command Injection Added: 23561 ManageEngine OpManager Remote Code Execution Added: 23563 Konica Minolta FTP Utility 1.0 Remote Command Execution Added: 41231 Adware.ConvertAd.24 Collect local info Added: 41232 Adware.ConvertAd.24 GET malware from livestatscounter.com Added: 41233 Adware.ConvertAd.24 GET malware from cloudfront.net Added: 41234 GenVariant.Jaik.8690 Collect local info Added: 41235 Trojan.Cryptolocker.Nransomware Added: 41236 Trojan.GenericKD.2726293 download malicious files
发布时间：2015-10-01 13:18:02

名称： eoi.unify.rulepatch.5.6.7.525.rule	版本：5.6.7.525
MD5：762861ae256fba3e966733ee9623f90e	大小：10.40M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.525。该升级包新增/改进的规则有：新增：41230 苹果XcodeGhost木马连接服务器注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41230 Apple XcodeGhost Trojan Connecting Server
发布时间：2015-09-22 14:42:06

名称： eoi.unify.rulepatch.5.6.7.523.rule	版本：5.6.7.523
MD5：52f5fd95b0fdf4e785a6eb3357d3e27f	大小：10.83M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.523。该升级包新增/改进的规则有：新增：23544 Endian Firewall Proxy Password修改命令注入漏洞新增：23547 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-2486)(MS15-094) 新增：23548 Microsoft Internet Explorer脚本引擎内存破坏漏洞(CVE-2015-2493)(MS15-094) 新增：23549 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-2501)(MS15-094) 新增：23550 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-2498)(MS15-094) 新增：23551 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-2500)(MS15-094) 新增：23553 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-2491)(MS15-094) 新增：23554 CMS Bolt File上传漏洞新增：30676 Microsoft Internet Explorer信息泄露漏洞(CVE-2015-2483)(MS15-094) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23544 Endian Firewall Proxy Password Change Command Injection Added: 23547 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-2486)(MS15-094) Added: 23548 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability(CVE-2015-2493)(MS15-094 Added: 23549 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-2501)(MS15-094) Added: 23550 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2498)(MS15-094) Added: 23551 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2500)(MS15-094) Added: 23553 Microsoft Internet Explorer Momery Corruption Vulnerability CVE-2015-2491)(MS15-094) Added: 23554 CMS Bolt File Upload Vulnerability Added: 30676 Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-2483)(MS15-094)
发布时间：2015-09-17 15:54:34

名称： eoi.unify.rulepatch.5.6.7.522.rule	版本：5.6.7.522
MD5：febacddec1e52fba764eefeafc7ad0c5	大小：10.73M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.522。该升级包新增/改进的规则有：新增：23543 PCMan FTP Server 2.0.7 GET命令缓冲区溢出漏洞新增：23542 PCMan FTP Server 2.0.7 RENAME命令缓冲区溢出漏洞新增：23541 phpwiki 1.5.4 本地文件包含漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23543 PCMan FTP Server 2.0.7 GET Command Buffer Overflow Added:23542 PCMan FTP Server 2.0.7 RENAME Command Buffer Overflow Added:23541 phpwiki 1.5.4 Local File Inclusion Vulnerability
发布时间：2015-09-10 16:16:41

名称： eoi.unify.rulepatch.5.6.7.521.rule	版本：5.6.7.521
MD5：b331b14ec728fd9d657165df7ea21d23	大小：11.56M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.521。该升级包新增/改进的规则有：新增：23537 Netsweeper 4.0.8 - SQL注入绕过认证新增：41225 Trojan.Agent.BLXP木马通信新增：23539 Magento eCommerce远程代码执行注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23537 Netsweeper 4.0.8 - SQL Injection Authentication Bypass Added:41225 Trojan.Agent.BLXP Added:23539 Magento eCommerce Remote Code Execution
发布时间：2015-09-03 13:48:05

名称： eoi.unify.rulepatch.5.6.7.520.rule	版本：5.6.7.520
MD5：0a38b487060bb548af13ff437795917c	大小：11.66M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.520。该升级包新增/改进的规则有：新增：23533 TRS WCM任意文件上传漏洞新增：41219 Trojan.GenericKD.2650305.Agent.BLWH木马通信新增：23531 Werkzeug Debug Shell 命令执行漏洞新增：23530 Nuts CMS内容管理系统php命令注入漏洞新增：23532 vBulletin < 4.2.2 - Memcache远程代码执行漏洞新增：41218 Upatre木马下载器Trojan.Downloader.Upatre下载行为新增：23529 Symantec Endpoint Protection身份验证绕过漏洞(CVE-2015-1486) 新增：10406 Ability FTP Server 管理面板AUTHCODE命令远程拒绝服务攻击漏洞新增：23524 Microsoft Internet Explorer/Edge远程内存破坏漏洞(CVE-2015-2442)(MS15-079) 新增：23523 SysAid Help Desk 'rdslogs' 任意文件上传漏洞新增：23526 Internet Explorer CTreeNode::GetCascadedLang释放后重利用漏洞(MS15-079) 新增：23525 Microsoft Internet Explorer/Edge远程内存破坏漏洞(CVE-2015-2446)(MS15-079) 新增：23528 WordPress qTranslate插件跨站脚本漏洞新增：23522 TOTOLINK路由器远程命令执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23533 TRS WCM Arbitrary File Upload Vulnerability Added:41219 Trojan.GenericKD.2650305.Agent.BLWH Added:23531 Werkzeug Debug Shell Command Execution Added:23530 Nuts CMS Remote PHP Code Injection Vulnerability Added:23532 vBulletin < 4.2.2 - Memcache Remote Code Execution Added:41218 Trojan.Downloader.Upatre download behavior Added:23529 Symantec Endpoint Protection Manager Authentication Bypass(CVE-2015-1486) Added:10406 Ability FTP Server Admin Panel AUTHCODE Command Remote Dos Vulnerability Added:23524 icrosoft Internet Explorer/Edge Remote Memory Corruption Vulnerability(CVE-2015-2442)(MS15-079) Added:23523 SysAid Help Desk 'rdslogs' Arbitrary File Upload Added:23526 Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability(MS15-079) Added:23525 Microsoft Internet Explorer/Edge Remote Memory Corruption Vulnerability(CVE-2015-2446)(MS15-079) Added:23528 WordPress qTranslate Plugin Cross Site Scripting Vulnerability Added:23522 TOTOLINK Routers Remote Command Execution Vulnerability
发布时间：2015-08-27 16:46:45

名称： eoi.unify.rulepatch.5.6.7.519.rule	版本：5.6.7.519
MD5：3a6560b3d76cf6652ecfc2483847b60c	大小：11.62M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.519。该升级包新增/改进的规则有：新增：23517 PCMan FTP Server 2.0.7 - PUT Command缓冲区溢出漏洞新增：23518 Dell Netvault Backup 10.0.1.24 - 拒绝服务攻击新增：23519 WordPress WPTF Image Gallery 1.03任意文件下载新增：23520 WordPress Simple Image Manipulator Plugin 1.0任意文件下载新增：23521 WordPress Recent Backups Plugin 0.7任意文件下载注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23517 PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow Added:23518 Dell Netvault Backup 10.0.1.24 - Denial of Service Added:23519 WordPress WPTF Image Gallery 1.03 - Aribtrary File Download Added:23520 WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download Added:23521 WordPress Recent Backups Plugin 0.7 - Arbitrary File Download
发布时间：2015-08-20 15:06:03

名称： eoi.unify.rulepatch.5.6.7.518.rule	版本：5.6.7.518
MD5：bcb4ce4baa930dee71b44c9a4a990ea7	大小：11.60M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.518。该升级包新增/改进的规则有：新增：23500 phpFileManager 0.9.8 - 远程命令执行漏洞新增：23515 WordPress Customize Youtube Videos 0.2 跨站脚本漏洞新增：23511 WordPress 1-Click Retweet/Share/Like 5.2 跨站脚本漏洞新增：23512 WordPress Chief Editor 3.6.1 跨站脚本漏洞新增：23513 WordPress Advertisement Management 1.0 跨站脚本漏洞新增：23514 WordPress Copy Or Move Comments 1.0.0 跨站脚本漏洞新增：23508 WordPress Google Plus One Button By KMS 1.5.0 跨站脚本漏洞新增：23509 WordPress Ads In Bottom Right 1.0 跨站脚本漏洞新增：23510 WordPress Author Manager 1.0 跨站脚本漏洞新增：23507 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2390) 新增：23506 WordPress Flickr Justified Gallery 3.3.6跨站脚本漏洞新增：23503 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2384) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23500 phpFileManager 0.9.8 - Remote Command Execution Added:23515 WordPress Customize Youtube Videos 0.2 Cross Site Scripting Added:23511 WordPress 1-Click Retweet/Share/Like 5.2 Cross Site Scripting Added:23512 WordPress Chief Editor 3.6.1 Cross Site Scripting Added:23513 WordPress Advertisement Management 1.0 Cross Site Scripting Added:23514 WordPress Copy Or Move Comments 1.0.0 Cross Site Scripting Added:23508 WordPress Google Plus One Button By KMS 1.5.0 CSRF / XSS Added:23509 WordPress Ads In Bottom Right 1.0 Cross Site Scripting Added:23510 WordPress Author Manager 1.0 Cross Site Scripting Added:23507 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2390) Added:23506 WordPress Flickr Justified Gallery 3.3.6 Cross Site Scripting Added:23503 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2384)
发布时间：2015-08-13 15:10:41

名称： eoi.unify.rulepatch.5.6.7.517.rule	版本：5.6.7.517
MD5：187bdc2a3e99a69aa9f25a977fc6446d	大小：11.59M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.517。该升级包新增/改进的规则有：新增：10405 ISC BIND named拒绝服务漏洞(CVE-2015-5477) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:10405 ISC BIND named Denial of Service Vulnerability(CVE-2015-5477)
发布时间：2015-08-06 11:20:30

名称： eoi.unify.rulepatch.5.6.7.515.rule	版本：5.6.7.515
MD5：55ad828e76972811096ce1318f93ec83	大小：11.58M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.515。该升级包新增/改进的规则有：新增：23492 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1767) 新增：23493 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2401) 新增：23494 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2406) 新增：23495 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2383)(MS15-065) 新增：23496 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2389)(MS15-065) 新增：23497 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2404)(MS15-065) 新增：23498 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2408)(MS15-065) 新增：23499 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2422)(MS15-065) 新增：41216 P.O.exe账户大盗木马连接服务器注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23492 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1767) Added:23493 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2401) Added:23494 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2406) Added:23495 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2383)(MS15-065) Added:23496 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2389)(MS15-065) Added:23497 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2404)(MS15-065) Added:23498 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2408)(MS15-065) Added:23499 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2422)(MS15-065) Added:41216 P.O.exe steal account Trojan server connection
发布时间：2015-07-30 17:36:54

名称： eoi.unify.rulepatch.5.6.7.514.rule	版本：5.6.7.514
MD5：b4bd755eece46f537fa68cc5a141360e	大小：11.57M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.514。该升级包新增/改进的规则有：新增：23490 Western Digital Arkeia远程代码执行漏洞新增：41213 StartDownload.exe木马下载器连接服务器wiseinstaller信息收集新增：41214 StartDownload.exe木马下载器连接服务器amazonaws下载恶意文件新增：41215 StartDownload.exe木马下载器连接服务器mediaconfig状态监控注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23490 Western Digital Arkeia Remote Code Execution Added:41213 StartDownload.exe Trojan downloader wiseinstaller server connection information collection Added:41214 StartDownload.exe Trojan downloader amazonaws server connection download malicious files Added:41215 StartDownload.exe Trojan downloader mediaconfig server connection status monitoring
发布时间：2015-07-23 14:58:03

名称： eoi.unify.rulepatch.5.6.7.513.rule	版本：5.6.7.513
MD5：5fa2d846315dd23ea965fcde24cd7e24	大小：11.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.513。该升级包新增/改进的规则有：新增：23488 AirLive IP监控相机命令注入漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added:23488 AirLive IP Surveillance Cameras Command Injection Vulnerability
发布时间：2015-07-16 16:12:39

名称： eoi.unify.rulepatch.5.6.7.512.rule	版本：5.6.7.512
MD5：66a9034d12421e695658bc7598291e84	大小：11.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.512。该升级包新增/改进的规则有：新增: 23489 Adobe Flash可疑0Day漏洞利用注意事项： 1．新增规则23489是针对Adobe Flash 0Day漏洞的缓解措施，默认不启用，用户可根据实际情况手动启用； 2．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23489 Adobe Flash Suspicious 0Day Vulnerability Exploition
发布时间：2015-07-10 12:58:08

名称： eoi.unify.rulepatch.5.6.7.511.rule	版本：5.6.7.511
MD5：eb08ac9fbbcaca814b52746b022ce811	大小：11.54M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.511。该升级包新增/改进的规则有：新增: 23487 WordPress Plugin DZS Video Gallery 3.1.3 - 远程和本地文件泄露漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23487 WordPress Plugin DZS Video Gallery 3.1.3 - Remote and Local File Disclosure Vulnerability
发布时间：2015-07-09 14:43:44

名称： eoi.unify.rulepatch.5.6.7.509.rule	版本：5.6.7.509
MD5：98c7138345d4e980672008155ca4b966	大小：11.56M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.509。该升级包新增/改进的规则有：新增: 23485 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1741)(MS15-056) 新增: 23486 WordPress Persuasion Theme 2.x - 任意文件下载和文件删除注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23485 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1741)(MS15-056) Added: 23486 WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion
发布时间：2015-07-02 17:45:45

名称： eoi.unify.rulepatch.5.6.7.508.rule	版本：5.6.7.508
MD5：9599a56876cbd8746bb04f2d37bcb8ae	大小：11.57M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.508。该升级包新增/改进的规则有：新增: 41210 DDoS木马后门Linux.Mayday.f变种程序连接服务器新增: 23483 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1752)(MS15-056) 新增: 23482 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1735)(MS15-056) 新增: 23481 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1742)(MS15-056) 新增: 23480 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1736)(MS15-056) 新增: 23479 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1687)(MS15-056) 新增: 23478 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1750)(MS15-056) 新增: 23477 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1740)(MS15-056) 新增: 23476 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1732)(MS15-056) 新增: 23475 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1745)(MS15-056) 新增: 23474 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1744)(MS15-056) 新增: 23472 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1731)(MS15-056) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41210 DDoS Trojan Linux.Mayday.f Variant Program Connecting Server Added: 23483 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1752)(MS15-056) Added: 23482 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1735)(MS15-056) Added: 23481 Microsoft Internet Explorer CVE-2015-1742 Remote Memory Corruption Vulnerability Added: 23480 Microsoft Internet Explorer CVE-2015-1736 Remote Memory Corruption Vulnerability Added: 23479 Microsoft Internet Explorer CVE-2015-1687 Remote Memory Corruption Vulnerability Added: 23478 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1750)(MS15-056) Added: 23477 Microsoft Internet Explorer Remote Memory Corruption Vulnerability Added: 23476 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1732)(MS15-056) Added: 23475 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1745)(MS15-056) Added: 23474 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1744)(MS15-056) Added: 23472 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1731)(MS15-056)
发布时间：2015-06-25 15:47:46

名称： eoi.unify.rulepatch.5.6.7.507.rule	版本：5.6.7.507
MD5：a630003263fe60de2bfcb63a1e05493c	大小：11.56M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.507。该升级包新增/改进的规则有：修改: 41209 海莲花(OceanLotus)特种木马连接服务器注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 41209 Special Trojan OceanLotus Connecting Server
发布时间：2015-06-18 16:01:56

名称： eoi.unify.rulepatch.5.6.7.506.rule	版本：5.6.7.506
MD5：30077ab3bedc38cf610c80a80ebe4d05	大小：11.55M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.104上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.506。该升级包新增/改进的规则有：新增: 41209 海莲花(OceanLotus)特种木马连接服务器注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.104.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41209 Special Trojan OceanLotus Connecting Server
发布时间：2015-06-12 10:51:45

名称： eoi.unify.rulepatch.5.6.7.505.rule	版本：5.6.7.505
MD5：354eeace6d74a9a841e07c602bfc5828	大小：11.56M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.104上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.505。该升级包新增/改进的规则有：修改: 21462 SMB服务远程代码执行攻击漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.104.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 21462 SMB Service Remote Code Execution Vulnerability
发布时间：2015-06-11 15:02:01

名称： eoi.unify.rulepatch.5.6.7.504.rule	版本：5.6.7.504
MD5：fd9296d57a3e0dfcca695fa44c647dc0	大小：12.49M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.104上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.504。该升级包新增/改进的规则有：修改：29002 Web服务远程跨站脚本执行攻击注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.104.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified：29002 Web Service Remote Cross-Site Scripting
发布时间：2015-06-06 08:53:43

名称： eoi.unify.rulepatch.5.6.7.503.rule	版本：5.6.7.503
MD5：2f46defdfed25c3c8e3ec923e0e0eaaf	大小：11.56M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.104上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.503。该升级包新增/改进的规则有：新增： 23447 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1658)(MS15-043) 新增： 23449 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1689)(MS15-043) 新增： 23450 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1708)(MS15-043) 新增： 23451 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1710)(MS15-043) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.104.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23447 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1658)(MS15-043) Added: 23449 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1689)(MS15-043) Added: 23450 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1708)(MS15-043) Added: 23451 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1712)(MS15-043)
发布时间：2015-05-28 14:54:46

名称： eoi.unify.rulepatch.5.6.7.502.rule	版本：5.6.7.502
MD5：f9d01ee7f78b48d3446854268b14e23a	大小：11.52M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.502。该升级包新增/改进的规则有：新增： 23445 Microsoft Internet Explorer ASLR安全限制绕过漏洞(CVE-2015-1685)(MS15-043) 新增： 23446 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1709)(MS15-043) 新增： 23448 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1711)(MS15-043) 修改： 10398 PHP multipart/form-data 远程DOS漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23443 Xeams /FrontController CSRF Vulnerability Added: 23445 Microsoft Internet Explorer ASLR Security Bypass Vulnerability(CVE-2015-1685)(MS15-043) Added: 23446 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1709)(MS15-043) Added: 23448 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1711)(MS15-043) Modiffied: 10398 PHP multipart / form-data remote DOS Vulnerability
发布时间：2015-05-21 16:36:00

名称： eoi.unify.rulepatch.5.6.7.501.rule	版本：5.6.7.501
MD5：3f59d913491d160322de3e2809faa3d8	大小：12.49M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.501。该升级包新增/改进的规则有：新增： 23453 Microsoft Internet Explorer 远程内存破坏漏洞(CVE-2015-1705) 新增： 23454 Microsoft Internet Explorer 远程内存破坏漏洞(CVE-2015-1718) 新增： 23444 SixApart MovableType Storable Perl 代码执行漏洞新增： 23442 D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) 存储型XSS漏洞新增： 23441 D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) 存储型XSS漏洞新增： 23440 WordPress RevSlider文件上传和执行漏洞新增： 23439 elFinder 2 远程命令执行(Via File Creation) 漏洞新增： 10398 PHP multipart/form-data 远程DOS漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23453 Microsoft Internet Explorer Remote Memory Corruption Vulnerability( CVE-2015-1705) Added: 23454 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1718) Added: 23444 SixApart MovableType Storable Perl Code Execution Added: 23442 D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Stored XSS Added: 23441 D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Stored XSS Added: 23440 WordPress RevSlider File Upload and Execute Vulnerability Added: 23439 elFinder 2 Remote Command Execution (Via File Creation) Vulnerability Added: 10398 PHP multipart / form-data remote DOS Vulnerability
发布时间：2015-05-17 12:21:55

名称： eoi.unify.rulepatch.5.6.7.500.rule	版本：5.6.7.500
MD5：85b670078ae051b9083348cce2ffc463	大小：12.47M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.500。该升级包新增/改进的规则有：新增： 23436 Synology DiskStation Manager FileBrowser 组件目录遍历漏洞新增： 23437 WordPress MiwoFTP Plugin <= 1.0.5 任意文件下载漏洞新增： 23438 WordPress默认主题DOM XSS（跨站脚本）漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23436 Synology DiskStation Manager FileBrowser Component Multiple Directory Traversal Vulnerabilities Added: 23437 WordPress MiwoFTP Plugin <= 1.0.5 Arbitrary File Download Added: 23438 Jetpack and Twenty Fifteen Vulnerable to DOM-Based XSS
发布时间：2015-05-14 15:03:52

名称： eoi.unify.rulepatch.5.6.7.499.rule	版本：5.6.7.499
MD5：b47bce5fc3a34f7e973b1e9c76c0bcb6	大小：11.48M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.499。该升级包新增/改进的规则有：新增： 23427 Legend Perl IRC Bot远程代码执行漏洞新增： 23426 Allegro RomPager HTTP Cookie处理安全限制绕过漏洞(CVE-2014-9222) 新增： 23425 WebUI 1.5b6远程代码执行漏洞新增： 23424 Ubiquiti airCam RTSP服务远程缓冲区溢出漏洞新增： 23423 Open-Letters Remote PHP代码注入漏洞新增： 23422 Wolf CMS 0.8.2 任意文件上传漏洞新增： 23421 WordPress Creative Contact Form上传漏洞新增： 23420 WordPress Work The Flow上传漏洞新增： 30672 Sixnet Sixview Web控制台目录遍历漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23427 Legend Perl IRC Bot Remote Code Execution Vulnerability Added: 23426 Allegro Software RomPager 'Fortune Cookie' Unspecified HTTP Authentication Bypass (CVE-2014-9222) Added: 23425 WebUI 1.5b6 - Remote Code Execution Vulnerability Added: 23424 Ubiquiti airCam RTSP Service Buffer Overflow Vulnerability Added: 23423 Open-Letters Remote PHP Code Injection Vulnerability Added: 23422 Wolf CMS 0.8.2 Arbitrary File Upload Exploit Added: 23421 WordPress Creative Contact Form Upload Vulnerability Added: 23420 WordPress Work The Flow Upload Vulnerability Added: 30672 Sixnet Sixview Web Server Directory Traversal Vulnerability
发布时间：2015-05-07 16:42:47

名称： eoi.unify.rulepatch.5.6.7.498.rule	版本：5.6.7.498
MD5：e01a5901f18253254d61dc1b6aa803ce	大小：12.44M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.498。该升级包新增/改进的规则有：新增： 23411 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1660)(MS15-032) 新增： 23412 D-Link/TRENDnet路由器远程命令执行漏洞新增： 23413 WordPress Slideshow Gallery 1.4.6 Shell 上传漏洞 (CVE-2014-5460) 新增： 23414 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1665)(MS15-032) 新增： 23415 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1667)(MS15-032) 新增： 23416 WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell上传漏洞新增： 23417 ProFTPd 1.3.5远程命令执行新增： 23418 WordPress Reflex Gallery 上传漏洞新增： 23419 CUPS kerberos参数跨站脚本漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23411 Microsoft Internet Explorer CVE-2015-1660 Remote Memory Corruption Vulnerability Added: 23412 D-Link/TRENDnet NCC Service Command Injection Added: 23413 WordPress Slideshow Gallery 1.4.6 Shell Upload Vulnerability (CVE-2014-5460) Added: 23414 Microsoft Internet Explorer CVE-2015-1665 Remote Memory Corruption Vulnerability Added: 23415 Microsoft Internet Explorer CVE-2015-1667 Remote Memory Corruption Vulnerability Added: 23416 WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability Added: 23417 ProFTPd 1.3.5 Remote Command Execution Added: 23418 WordPress Reflex Gallery Upload Vulnerability Added: 23419 CUPS kerberos Parameter XSS Attack Vulnerability
发布时间：2015-04-30 14:40:44

名称： eoi.unify.rulepatch.5.6.7.497.rule	版本：5.6.7.497
MD5：215fffe34258024798a30d1303e2f2e5	大小：12.42M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.497。该升级包新增/改进的规则有：新增： 23410 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1657)(MS15-032) 新增： 23409 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1652)(MS15-032) 新增： 23404 JBoss AS versions 3, 4, 5, 6 远程命令执行新增： 23403 SolarWinds Firewall Security Manager 远程代码执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23410 Microsoft Internet Explorer CVE-2015-1657 Remote Memory Corruption Vulnerability Added: 23409 Microsoft Internet Explorer CVE-2015-1652 Remote Memory Corruption Vulnerability Added: 23404 JBoss AS versions 3, 4, 5, 6 - Remote Command Execution Added: 23403 SolarWinds Firewall Security Manager Remote Code Execution Vulnerability
发布时间：2015-04-23 16:36:16

名称： eoi.unify.rulepatch.5.6.7.496.rule	版本：5.6.7.496
MD5：45511ab5a1b9f746f2a91e3dbac53e2a	大小：12.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.496。该升级包新增/改进的规则有：新增: 41207 Ericsson Drutt Mobile Service Delivery Platform 开放重定向漏洞新增: 23401 ZENworks Configuration Management 远程命令执行和目录遍历漏洞新增: 23397 JBoss Seam参数化EL表达式远程代码执行和任意文件上传漏洞新增: 23398 Airties Air5650v3TT路由器栈缓冲区远程溢出漏洞修改: 41074 TP-Link路由器固件未授权下载口令泄露漏洞新增: 23396 TFTP Server Read Request远程缓冲区溢出漏洞新增: 23408 Microsoft Windows HTTP.sys远程代码执行漏洞(CVE-2015-1635)(MS15-034) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 41207 Ericsson Drutt MSDP (3PI Manager) Open Redirect Added: 23401 ZENworks Configuration Management Remote Code Execution/Directory Traversal Added: 23397 JBoss Seam Expression Language Remote Code Execution and Arbitrary File Upload Added: 23398 Airties Air5650v3TT Remote Stack Overflow Modiffied: 41074 TP-Link Router Firmware Unauthorized Download Password Discloure Added: 23396 TFTP Server Read Request Remote Buffer Overflow Vulnerability Added: 23408 Microsoft Windows HTTP.sys Remote Code Execution Vulnerability(CVE-2015-1635)(MS15-034)
发布时间：2015-04-16 11:04:59

名称： eoi.unify.rulepatch.5.6.7.494.rule	版本：5.6.7.494
MD5：64970909ce322418def9af88c98fe6bd	大小：12.37M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.494。该升级包新增/改进的规则有：新增: 30669 WordPress Slider Revolution Responsive插件任意文件下载漏洞新增: 23390 WebGate Control Center 4.8.7 GetThumbnail栈溢出漏洞新增: 30670 Wordpress aspose-doc-exporter插件任意文件下载漏洞新增: 23389 WebGate eDVR Manager 2.6.4 SiteName栈溢出漏洞新增: 23387 fSense 2.2 多个XSS漏洞新增: 23391 WebGate WinRDS 2.0.8 StopSiteAllChannel栈溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine 5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically. List of added or modified signatures: Added: 30669 WordPress Slider Revolution Responsive Plugin Arbitrary File Download Vulnerability Added: 23390 WebGate Control Center 4.8.7 GetThumbnail Stack Overflow Added: 30670 Wordpress aspose-doc-exporter Plugin Arbitrary File Download Vulnerability Added: 23389 WebGate eDVR Manager 2.6.4 SiteName Stack Overflow Added: 23387 fSense 2.2 multiple XSS vulnerabilities Added: 23391 WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow
发布时间：2015-04-09 17:15:32

名称： eoi.unify.rulepatch.5.6.7.493.rule	版本：5.6.7.493
MD5：9a74710c0ef8f59764fb2123e96716c7	大小：11.39M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.493。该升级包新增/改进的规则有：新增: 23385 WP Marketplace 远程命令执行漏洞新增: 23386 WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 LoadImageEx Stack 缓冲区溢出远程代码执行漏洞新增: 23384 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-0052)(MS15-009) 新增: 30668 EMC Watch4Net和ViPR SRM 目录遍历漏洞新增: 23382 Microsoft Internet Explorer ASLR安全限制绕过漏洞(CVE-2015-0069)(MS15-009) 新增: 23380 ManageEngine DeviceExpert跨站请求伪造漏洞新增: 23381 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-0053)(MS15-009) 新增: 23379 Microsoft Internet Explorer ASLR安全限制绕过漏洞(CVE-2015-0051)(MS15-009) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23385 WP Marketplace Remote Code Execution Added: 23386 WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 LoadImageEx Stack Buffer Overflow Remote Code Execution Vulnerability Added: 23384 Microsoft Internet Explorer CVE-2015-0052 Remote Memory Corruption Vulnerability Added: 30668 EMC Watch4Net and ViPR SRM Directory Traversal Vulnerability Added: 23382 Microsoft Internet Explorer CVE-2015-0069 ASLR Security Bypass Vulnerability Added: 23380 ManageEngine DeviceExpert CSRF Vulnerability Added: 23381 Microsoft Internet Explorer CVE-2015-0053 Remote Memory Corruption Vulnerability Added: 23379 Microsoft Internet Explorer CVE-2015-0051 ASLR Security Bypass Vulnerability
发布时间：2015-04-02 15:13:19

名称： eoi.unify.rulepatch.5.6.7.492.rule	版本：5.6.7.492
MD5：1efb9c7562f90111ccea6c2c67d43578	大小：11.38M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.492。该升级包新增/改进的规则有：新增: 23377 TWiki Debugenableplugins 远程代码执行新增: 23375 Microsoft Internet Explorer CVE-2015-1634 远程代码执行内存破坏漏洞新增: 23376 Microsoft Exchange Server CVE-2015-1632 跨站脚本漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23377 TWiki Debugenableplugins Remote Code Execution Added: 23375 Microsoft Internet Explorer CVE-2015-1634 Remote Memory Corruption Vulnerability Added: 23376 Microsoft Exchange Server CVE-2015-1632 Cross Site Scripting Vulnerability
发布时间：2015-03-26 15:56:27

名称： eoi.unify.rulepatch.5.6.7.491.rule	版本：5.6.7.491
MD5：111311ccd46f4516e59dba028d07706b	大小：11.28M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.491。该升级包新增/改进的规则有：新增: 23370 Microsoft Internet Explorer CVE-2015-1623(MS15-018) 释放后重利用远程代码执行内存破坏漏洞新增: 23371 Microsoft Internet Explorer CVE-2015-1625(MS15-018) 越界数组访问远程代码执行内存破坏漏洞新增: 23372 Microsoft Exchange Server XSS CVE-2015-1628(MS15-018)漏洞新增: 23373 Microsoft Internet Explorer CVE-2015-1622 远程代码执行内存破坏漏洞新增: 23374 Microsoft Internet Explorer CVE-2015-0100 Use After Free 远程代码执行漏洞新增: 23365 Microsoft Internet Explorer CVE-2015-0032 远程代码执行内存破坏漏洞新增: 23369 Microsoft Internet Explorer CVE-2015-0099 远程代码执行内存破坏漏洞修改: 23345 Easy File Sharing Web Server 6.8 - 堆栈溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23370 Microsoft Internet Explorer CVE-2015-1623(MS15-018) Use After Free Remote Code Execution Vulnerability Added: 23371 Microsoft Internet Explorer CVE-2015-1625(MS15-018) out-of-bounds array access Remote Code Execution Vulnerability Added: 23372 Microsoft Exchange Server XSS CVE-2015-1628(MS15-018)Vulnerability Added: 23373 Microsoft Internet Explorer CVE-2015-1622 Remote Memory Corruption Vulnerability Added: 23374 Microsoft Internet Explorer CVE-2015-0100 Use After Free Remote Code Execution Vulnerability Added: 23365 Microsoft Internet Explorer CVE-2015-0032 Remote Memory Corruption Vulnerability Added: 23369 Microsoft Internet Explorer CVE-2015-0099 Remote Memory Corruption Vulnerability Modified: 23345 Easy File Sharing Web Server 6.8 - Stack Buffer Overflow Vulnerability
发布时间：2015-03-19 14:53:42

名称： eoi.unify.rulepatch.5.6.7.490.rule	版本：5.6.7.490
MD5：d740e8ab445c5bf96cfd01b303682959	大小：11.18M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.490。该升级包新增/改进的规则有：修改: 23331 Microsoft Internet Explorer CVE-2015-0019 远程代码执行内存破坏漏洞修改: 23332 HP 客户端自动化命令注入修改: 50520 Novalite远程控制木马修改: 40958 木马后门程序Chopper Webshell检测注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . Modified: 23331 Microsoft Internet Explorer CVE-2015-0019 Remote Memory Corruption Vulnerability Modified: 23332 HP Client Automation Command Injection Modified: 50520 Backdoor/Trojan Novalite Remote Control Modified: 40958 Backdoor/Trojan Chopper Webshell Detection
发布时间：2015-03-12 17:31:32

名称： eoi.unify.rulepatch.5.6.7.489.rule	版本：5.6.7.489
MD5：694da0ffcef9fc8278abb33b5754ff7a	大小：11.16M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.489。该升级包新增/改进的规则有：新增: 10389 Net-SNMP GETBULK远程拒绝服务漏洞新增: 23323 HP Data Protector 8.x远程代码执行新增: 23324 ManageEngine NetFlow Analyzer 任意文件下载新增: 23325 Microsoft Internet Explorer CVE-2015-0017 远程代码执行内存破坏漏洞新增: 23327 Microsoft Internet Explorer CVE-2015-0018 远程代码执行内存破坏漏洞新增: 23330 Microsoft Internet Explorer CVE-2014-8967 释放后重利用远程代码执行漏洞新增: 23331 Microsoft Internet Explorer CVE-2015-0019 远程代码执行内存破坏漏洞新增: 23332 HP 客户端自动化命令注入新增: 50520 Novalite远程控制木马修改: 40958 木马后门程序Chopper Webshell检测注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 10389 Net-SNMP GETBULK Remote Denial of Service Vulnerability Added: 23323 HP Data Protector 8.x - Remote Command Execution Added: 23324 ManageEngine NetFlow Analyzer Arbitrary File Download Added: 23325 Microsoft Internet Explorer CVE-2015-0017 Remote Memory Corruption Vulnerability Added: 23327 Microsoft Internet Explorer CVE-2015-0018 Remote Memory Corruption Vulnerability Added: 23330 Microsoft Internet Explorer CVE-2014-8967 Use After Free Remote Code Execution Vulnerability Added: 23331 Microsoft Internet Explorer CVE-2015-0019 Remote Memory Corruption Vulnerability Added: 23332 HP Client Automation Command Injection Added: 50520 Backdoor/Trojan Novalite Remote Control Modified: 40958 Backdoor/Trojan Chopper Webshell Detection
发布时间：2015-03-05 14:02:27

名称： eoi.unify.rulepatch.5.6.7.488.rule	版本：5.6.7.488
MD5：6a41d9aa895f5b11c1bf88b51856d40a	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.488。该升级包新增/改进的规则有：修改: 30571 JWPlayer远程跨站脚本执行漏洞修改: 21281 Microsoft SharePoint跨站脚本执行漏洞(MS11-074)(CVE-2011-1893) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 30571 JWPlayer Remote Cross-Site Scripting Vulnerability Modified: 21281 Microsoft SharePoint Cross Site Scripting Vulnerability(MS11-074)(CVE-2011-1893)
发布时间：2015-02-26 16:46:41

名称： eoi.unify.rulepatch.5.6.7.487.rule	版本：5.6.7.487
MD5：e0ae09494cf95c4f2cc0ccf51b562128	大小：11.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.487。该升级包新增/改进的规则有：修改: 22501 Webmin /file/show.cgi远程命令执行漏洞修改: 21750 HP OpenView Network Node Manager OpenView5.exe CGI缓冲区溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 22501 Webmin / file / show.cgi Remote Command Execution Vulnerability Modified: 21750 HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow Vulnerability
发布时间：2015-02-19 12:13:06

名称： eoi.unify.rulepatch.5.6.7.486.rule	版本：5.6.7.486
MD5：cc79992c8cf3a20ffedcb7f6d5a95109	大小：11.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.486。该升级包新增/改进的规则有：新增: 23320 Fritz!Box Webcm 未认证命令注入漏洞新增: 23316 Novell ZENworks Configuration Management UploadServlet远程代码执行新增: 23318 Pandora FMS 远程代码执行漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23320 Fritz!Box Webcm Unauthenticated Command Injection Added: 23316 Novell ZENworks Configuration Management UploadServlet Remote Code Execution Added: 23318 Pandora FMS Remote Code Execution
发布时间：2015-02-12 16:51:41

名称： eoi.unify.rulepatch.5.6.7.485.rule	版本：5.6.7.485
MD5：c2a934bdbbd98d690712dec7331920b6	大小：10.42M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.98上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.485。该升级包新增/改进的规则有：新增: 23312 AT-TFTP Server超长文件名远程缓冲区溢出漏洞新增: 23314 Sambar 6 搜索结果缓冲区溢出修改: 20708 SIPfoundry sipXtapi畸形CSeq字段处理远程缓冲区溢出攻击修改: 21711 Roxio CinePlayer ActiveX Control缓冲区溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.98.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23312 Allied Telesyn TFTP Server Long Filename Overflow Added: 23314 Sambar 6 Search Results Buffer Overflow Modified: 20708 SIPfoundry sipXtapi Malformed CSeq Field Handling Remote Buffer Overflow Modified: 21711 Roxio CinePlayer ActiveX Control Buffer Overflow Vulnerability
发布时间：2015-02-05 15:29:24

名称： eoi.unify.rulepatch.5.6.7.484.rule	版本：5.6.7.484
MD5：5edd5c771089d2773eaa7b731b8f761b	大小：10.41M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.484。该升级包新增/改进的规则有：新增: 20935 MySQL yaSSL SSL Hello报文缓冲区溢出漏洞新增: 21593 网络蠕虫Nimda TFTP请求Admin.dll 新增: 23303 ProjectSend 任意文件上传漏洞新增: 23304 Pandora v3.1 - 验证绕过和任意文件上传漏洞新增: 23305 WP Symposium <= 14.11 - 未认证 Shell 上传新增: 23306 Lexmark MarkVision Enterprise 任意文件上传漏洞新增: 23307 ASUS路由器固件ASUSWRT LAN后门命令执行漏洞新增: 23308 ManageEngine的多个产品通过身份验证的文件上传新增: 41194 CTB-Locker比特币敲诈者病毒恶意文件下载新增: 23315 GNU glibc gethostbyname缓冲区溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 20935 MySQL yaSSL SSL Hello Message Buffer Overflow Added: 21593 Nimda Worm TFTP Request Admin.dll Added: 23303 ProjectSend Arbitrary File Upload Added: 23304 Pandora v3.1 - Auth Bypass and Arbitrary File Upload Vulnerability Added: 23305 WP Symposium <= 14.11 - Unauthenticated Shell Upload Added: 23306 Lexmark MarkVision Enterprise Arbitrary File Upload Added: 23307 ASUSWRT LAN Backdoor Command Execution Added: 23308 ManageEngine Multiple Products Authenticated File Upload Added: 41194 CTB-Locker Bitcoin Backmail Virus Malicious File Downloading Added: 23315 GNU glibc gethostbyname Buffer Overflow Vulnerability
发布时间：2015-01-28 21:08:13

名称： eoi.unify.rulepatch.5.6.7.482.rule	版本：5.6.7.482
MD5：800f8a3446392868a4bb385b23c2bdcd	大小：10.37M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.482。该升级包新增/改进的规则有：新增: 21961 Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution 新增: 23301 Numara / BMC Track-It! FileStorageService 任意文件上传漏洞新增: 23298 FreePBX 跨站脚本执行和命令注入漏洞新增: 23300 Sun Java Web Start 双引号注入新增: 22851 OpenX 'flowplayer-3.1.1.min.js'后门漏洞新增: 23296 Orbit Downloader Connecting日志消息栈溢出漏洞新增: 23295 Support Incident Tracker (SiT!)输入验证漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级； NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 21961 Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution Added: 23301 Numara / BMC Track-It! FileStorageService Arbitrary File Upload Added: 23298 FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution Added: 23300 Java Web Start Double Quote Injection Remote Code Execution Added: 22851 OpenX Backdoor PHP Code Execution Added: 23296 Orbit Downloader Connecting Log Creation Buffer Overflow Added: 23295 Support Incident Tracker Arbitrary File Upload Vulnerability
发布时间：2015-01-22 14:29:46

名称： eoi.unify.rulepatch.5.6.7.481.rule	版本：5.6.7.481
MD5：98266361da4e0c64a363e86e026ce5b3	大小：10.36M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.481。该升级包新增/改进的规则有：新增: 22851 OpenX 'flowplayer-3.1.1.min.js'后门漏洞新增: 23295 Support Incident Tracker (SiT!)输入验证漏洞新增: 23296 Orbit Downloader Connecting日志消息栈溢出漏洞新增: 23298 FreePBX 跨站脚本执行和命令注入漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 22851 OpenX Backdoor PHP Code Execution Added: 23295 Support Incident Tracker Arbitrary File Upload Vulnerability Added: 23296 Orbit Downloader Connecting Log Creation Buffer Overflow Added: 23298 FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution
发布时间：2015-01-15 17:07:56

名称： eoi.unify.rulepatch.5.6.7.480.rule	版本：5.6.7.480
MD5：a88194b7a5a2efb640906532818b6db2	大小：10.34M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.480。该升级包新增/改进的规则有：新增: 23287 Java MixerSequencer对象GM_Song结构处理漏洞新增: 23289 LifeSize Room远程命令注入漏洞新增: 23290 Evological EvoCam HTTP GET请求远程溢出漏洞新增: 10388 Apache Tomcat哈希碰撞拒绝服务漏洞修改: 22802 Apache Tomcat mod_jk二进制代码执行攻击注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23287 Java MixerSequencer Object GM_Song Structure Handling Vulnerability Added: 23289 LifeSize Room Command Injection Added: 23290 MacOS X EvoCam HTTP GET Buffer Overflow Added: 10388 Apache Tomcat Hash Collision Denial of Service Vulnerability Modified: 22802 Apache Tomcat mod_jk Arbitrary Code Execution
发布时间：2015-01-08 14:53:55

名称： eoi.unify.rulepatch.5.6.7.479.rule	版本：5.6.7.479
MD5：347501349dad9cc0101e0b159bf35898	大小：10.26M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.479。该升级包新增/改进的规则有：新增: 23284 openSIS "modname" PHP 代码注入漏洞新增: 23286 HP SiteScope多个远程代码执行漏洞新增: 23283 vtiger CRM 'validateSession()' 身份验证绕过漏洞新增: 23282 GitLab 'SSH key upload'功能远程代码执行漏洞新增: 23280 RealNetworks RealPlayer QCP解析缓冲区溢出漏洞新增: 23281 GitList远程代码执行漏洞新增: 23279 VMTurbo Operations Manager '/cgi-bin/vmtadmin.cgi'远程命令执行漏洞新增: 21948 DaqFactory HMI NETB请求缓冲区溢出漏洞新增: 41189 DNS Flood 僵尸网络通讯新增: 41190 Linux间谍木马 APT 图兰(Turla) 通信新增: 23278 PhpWiki Ploticus模块命令注入漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23284 OpenSIS 'modname' - PHP Code Execution Added: 23286 HP SiteScope Remote Code Execution Added: 23283 vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload Added: 23282 Gitlab-shell Code Execution Added: 23280 RealNetworks RealPlayer QCP Parsing Buffer Overflow Vulnerability Added: 23281 Gitlist Unauthenticated Remote Command Execution Added: 23279 VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution Added: 21948 DaqFactory HMI NETB Request Overflow Added: 41189 DNS Flood BotNet Communication Added: 41190 Linux Spyware Trojans APT (Turla) Communication Added: 23278 PhpWiki - Remote Command Execution
发布时间：2015-01-01 14:48:42

名称： eoi.unify.rulepatch.5.6.7.478.rule	版本：5.6.7.478
MD5：5f735300b833b67e84a98d5ab183e706	大小：10.25M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.478。该升级包新增/改进的规则有：新增: 23274 Trend Micro Control Manager 'CmdProcessor.exe'远程代码执行漏洞新增: 23275 Zabbix任意命令执行漏洞(CVE-2013-3628) 新增: 23276 Supermicro Onboard IPMI close_window.cgi缓冲区溢出漏洞修改: 22488 Novell ZENworks Asset Management 7.5 配置存取漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23274 Trend Micro Control Manager 'CmdProcessor.exe' Remote Code Execution Vulnerability Added: 23275 Zabbix Authenticated Remote Command Execution (CVE-2013-3628) Added: 23276 Supermicro Onboard IPMI close_window.cgi Buffer Overflow Modified: 22488 Novell ZENworks Asset Management 7.5 Configuration Access
发布时间：2014-12-25 15:54:41

名称： eoi.unify.rulepatch.5.6.7.477.rule	版本：5.6.7.477
MD5：58500947a8622644a133799f4c9e9598	大小：10.24M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.477。该升级包新增/改进的规则有：新增: 23259 GLPI install.php 远程命令执行漏洞新增: 23260 Joomla Media Manager 文件上传漏洞新增: 23261 Cisco Prime Data Center Network Manager 多个远程命令执行漏洞新增: 23263 GroundWork monarch_scan.cgi OS命令注入漏洞新增: 23265 Forum Livre busca2.asp palavra参数XSS跨站攻击漏洞新增: 23268 Pandora FMS SQLi 远程代码执行新增: 23269 Symantec Workspace Streaming任意文件上传漏洞新增: 23270 Ericom AccessNow Server 'AccessServer32.exe'栈缓冲区溢出漏洞新增: 23271 NAS4Free任意远程代码执行漏洞新增: 23272 Apache Struts2开发模式命令执行漏洞新增: 41186 Java JNLP自动安装运行应用程序注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23259 GLPI install.php Remote Command Execution Added: 23260 Joomla Media Manager File Upload Vulnerability Added: 23261 Cisco Prime Data Center Network Manager - Arbitrary File Upload Added: 23263 GroundWork monarch_scan.cgi OS Command Injection Added: 23265 Forum Livre busca2.asp palavra Parameter HTTP Post Cross Site Scripting Added: 23268 GLPI install.php Remote Command Execution Added: 23269 Symantec Workspace Streaming Arbitrary File Upload Added: 23270 Ericom AccessNow Server Buffer Overflow Added: 23271 NAS4Free - Arbitrary Remote Code Execution Added: 23272 Apache Struts2 Development Mode Command Execution Vulnerability Added: 41186 Java JNLP Automatically Install and Run Applications
发布时间：2014-12-18 17:44:52

名称： eoi.unify.rulepatch.5.6.7.476.rule	版本：5.6.7.476
MD5：07738ca9f17b24d1fe53fbb7b79459cc	大小：10.22M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.476。该升级包新增/改进的规则有：新增: 23255 Squash YAML代码执行漏洞新增: 23221 BigAnt IM Server 任意文件上传漏洞新增: 23222 ManageEngine Eventlog Analyzer任意文件上传漏洞新增: 23220 多个Honeywell产品'HscRemoteDeploy.dll' Activex远程代码执行漏洞新增: 23211 Firefox 5.0-15.0.1 __exposedProps__ XCS远程命令执行漏洞新增: 41184 Oracle Event Processing FileUploadServlet Arbitrary 文件上传漏洞新增: 23214 Quest InTrust 'AnnotateX.dll'未初始化指针代码执行漏洞新增: 23212 育碧UPLAY ActiveX控件远程命令执行漏洞新增: 21890 ASUS Net4Switch ipswcom.dll ActiveX缓冲区溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23255 Squash YAML Code Execution Added: 23221 BigAnt Server 2.97 - DUPF Command Arbitrary File Upload Added: 23222 ManageEngine Eventlog Analyzer Arbitrary File Upload Added: 23220 Honeywell HSC Remote Deployer ActiveX Code Execution Vulnerability Added: 23211 Firefox 5.0-15.0.1 __exposedProps__ XCS Code Execution Added: 41184 Oracle Event Processing FileUploadServlet Arbitrary File Upload Added: 23214 Quest InTrust Annotation Objects Uninitialized Pointer Added: 23212 Ubisoft UPLAY Active X Control Arbitrary Code Execution Added: 21890 ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow
发布时间：2014-12-11 14:40:00

名称： eoi.unify.rulepatch.5.6.7.475.rule	版本：5.6.7.475
MD5：23078eedb688b2e833bae7bc2dd3fe51	大小：10.22M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.475。该升级包新增/改进的规则有：修改: 21856 Sun Java JRE getSoundbank file:// URI Buffer Overflow 新增: 22661 NetIQ eDirectory Novell NCP实现栈缓冲区溢出漏洞新增: 23194 HP Intelligent Management Center UAM缓冲区溢出漏洞新增: 23195 KeyHelp ActiveX LaunchTriPane远程命令执行漏洞新增: 23196 Sun Java Web Start的插件命令行参数注入漏洞（2012）新增: 23197 IBM Lotus产品UploadControl ActiveX缓冲区溢出漏洞新增: 23198 IBM Lotus Notes客户端"notes" URI处理器漏洞新增: 23203 MantisBT XmlImportExport Plugin PHP代码注入漏洞新增: 23204 海康威视设备RTSP 请求缓冲区溢出代码执行漏洞新增: 23205 Apple QuickTime MIME类型缓冲区溢出漏洞新增: 30653 CA Arcserve D2D GWT RPC 凭证信息泄露注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 21856 Sun Java JRE getSoundbank file:// URI Buffer Overflow Added: 22661 Novell eDirectory 8 Buffer Overflow Added: 23194 HP Intelligent Management Center UAM Buffer Overflow Added: 23195 KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability Added: 23196 Sun Java Web Start Plugin Command Line Argument Injection (2012) Added: 23197 IBM Lotus UploadControl ActiveX Buffer Overflow Added: 23198 IBM Lotus Notes Client URL Handler Command Injection Added: 23203 MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability Added: 23204 Hikvision DVR RTSP Request Buffer Overflow Remote Code Execution Added: 23205 Apple QuickTime MIME Type Buffer Overflow Added: 30653 CA Arcserve D2D GWT RPC Credential Information Disclosure
发布时间：2014-12-04 15:54:53

名称： eoi.unify.rulepatch.5.6.7.474.rule	版本：5.6.7.474
MD5：13a7b4c9ce967f0b18171f0502279b98	大小：10.21M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.474。该升级包新增/改进的规则有：新增: 23179 贝尔金路由器0day溢出漏洞新增: 23180 VICIDIAL 'manager_send.php'远程命令注入漏洞新增: 23181 Apache Struts includeParams 远程代码执行新增: 23182 Oracle WebCenter Content CheckOutAndOpen.dll ActiveX 远程代码执行漏洞新增: 23183 ZoneMinder视频服务器packageControl远程命令执行漏洞新增: 23184 Nagios 远程插件执行者任意命令执行漏洞新增: 23186 Active Collab "chat module" PHP注入漏洞新增: 23187 HP Data Protector 创建文件夹缓冲区溢出漏洞新增: 23188 Sysax Multi Server Create Folder缓冲区溢出漏洞新增: 23189 Ektron CMS 'XslCompiledTransform'类远程代码执行漏洞新增: 23191 op5 Appliance system-op5config组件op5config/welcome密码参数远程命令执行漏洞新增: 23192 HP StorageWorks Virtual SAN Appliance SAN/iQ远程命令注入漏洞新增: 23193 Apache Struts 开发模式 OGNL 执行新增: 41182 IBM Cognos tm1admsd.exe 溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23179 Belkin Router 0day Overflow Vulnerability Added: 23180 VICIDIAL 'manager_send.php' Command Injection Vulnerability Added: 23181 Apache Struts includeParams Remote Code Execution Added: 23182 Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution Added: 23183 ZoneMinder Video Server packageControl Command Execution Added: 23184 Nagios Remote Plugin Executor Arbitrary Command Execution Added: 23186 Active Collab "chat module" Remote PHP Code Injection Exploit Added: 23187 HP Data Protector Create New Folder Buffer Overflow Added: 23188 Sysax Multi Server Create Folder Buffer Overflow Added: 23189 Ektron CMS XSLT Transform Remote Code Execution Added: 23191 op5 Appliance system-op5config components op5config / welcome password parameters Remote Command Execution Vulnerability Added: 23192 HP StorageWorks Virtual SAN Appliance Command Execution Added: 23193 Apache Struts Developer Mode OGNL Execution Added: 41182 IBM Cognos tm1admsd.exe Overflow Vulnerability
发布时间：2014-11-27 15:56:53

名称： eoi.unify.rulepatch.5.6.7.473.rule	版本：5.6.7.473
MD5：8cd275cd70180be1401a5375f44c7e7c	大小：10.22M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.473。该升级包新增/改进的规则有：新增: 23156 Horde 框架反序化PHP代码执行漏洞新增: 23162 Rocket Servergraph Admin Center fileRequestor远程代码执行漏洞新增: 23171 JIRA Issues Collector目录遍历漏洞新增: 23170 SkyBlueCanvas 'index.php'远程命令注入漏洞新增: 23169 vtiger CRM安装脚本远程代码执行漏洞新增: 23161 Visual Mining NetCharts Server 任意文件上传漏洞新增: 23168 windows OLE 自动化数组远程代码执行漏洞新增: 23165 F5 iControl远程命令注入漏洞新增: 30652 IE URL属性信息泄露新增: 23158 OWA信域绕过漏洞新增: 23159 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-6347) 新增: 23163 横河电机株式会社CENTUM CS 3000 BKFSim_vhfd.exe 缓冲区溢出修改: 30570 Microsoft远程桌面协议RDP远程代码执行漏洞扫描注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23156 Horde Framework Unserialize PHP Code Execution Added: 23162 Rocket Servergraph Admin Center fileRequestor Remote Code Execution Added: 23171 JIRA Issues Collector Directory Traversal Added: 23170 SkyBlueCanvas 'index.php' Remote Code Execution Added: 23169 Vtiger CRM Install Unauthenticated Remote Command Execution Added: 23161 Visual Mining NetCharts Server Arbitrary File Upload Vulnerability Added: 23168 Windows OLE Automation Array Remote Code Execution Vulnerability Added: 23165 F5 iControl Remote Command Execution Added: 30652 IE URL Property Information Disclosure Added: 23158 Outlook Web Access trusted Domain bypass Added: 23159 Microsoft Internet Explorer Remote Momery Corruption Vulnerabiliy(CVE-2014-6347) Added: 23163 Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow Modified: 30570 Microsoft Remote Desktop Protocol RDP remote code execution vulnerability scan
发布时间：2014-11-20 16:58:44

名称： eoi.unify.rulepatch.5.6.7.472.rule	版本：5.6.7.472
MD5：0752fe9168a7a5a9981205a443424973	大小：9.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.472。该升级包新增/改进的规则有：修改: 23144 ManageEngine OpManager / Social IT任意文件上传漏洞修改: 23145 Wordpress InfusionSoft 插件上传漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 23144 ManageEngine OpManager / Social IT Arbitrary File Upload Modified: 23145 Wordpress InfusionSoft Plugin Upload Vulnerability
发布时间：2014-11-13 17:12:05

名称： eoi.unify.rulepatch.5.6.7.471.rule	版本：5.6.7.471
MD5：a8069e2820a4f0b2a6aa1579327dfb7f	大小：9.95M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.471。该升级包新增/改进的规则有：新增: 23148 Joomla Akeeba Kickstart反序化远程代码执行漏洞新增: 23153 tnftp ftp客户端任意命令执行漏洞(CVE-2014-8517) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23148 Joomla Akeeba Kickstart Unserialize Remote Code Execution Added: 23153 tnftp ftp client arbitrary command execution vulnerability (CVE-2014-8517)
发布时间：2014-11-06 17:16:39

名称： eoi.unify.rulepatch.5.6.7.470.rule	版本：5.6.7.470
MD5：e0d51347de4cae891a5dcf16167d2acf	大小：9.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.470。该升级包新增/改进的规则有：新增: 23132 Railo 远程文件包含漏洞新增: 23143 Rejetto HTTP File Server 'ParserLib.pas'远程命令执行漏洞新增: 23144 ManageEngine OpManager / Social IT任意文件上传漏洞新增: 23145 Wordpress InfusionSoft 插件上传漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23132 Railo Remote File Include Vulnerability Added: 23143 Rejetto HttpFileServer 'ParserLib.pas' Remote Command Execution Added: 23144 ManageEngine OpManager / Social IT Arbitrary File Upload Added: 23145 Wordpress InfusionSoft Plugin Upload Vulnerability
发布时间：2014-10-30 16:32:38

名称： eoi.unify.rulepatch.5.6.7.469.rule	版本：5.6.7.469
MD5：f59d68cdb54ec2c05c87be5f11eb9217	大小：9.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.91上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.469。该升级包新增/改进的规则有：修改: 23056 Microsoft Internet Explorer 11释放后重利用漏洞（CVE-2014-1765）注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 23056 Microsoft Internet Explorer 11 UAF Vulnerability（CVE-2014-1765）
发布时间：2014-10-23 15:34:35

名称： eoi.unify.rulepatch.5.6.7.468.rule	版本：5.6.7.468
MD5：01d25a57e633371d5dbe147872d56f14	大小：9.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.468。该升级包新增/改进的规则有：修改: 22796 Apache Struts远程代码执行漏洞(CVE-2013-2251) 修改: 30647 GNU Bash 环境变量远程命令执行漏洞(CVE-2014-6271) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 22796 Apache Struts Remote Code Execution(CVE-2013-2251) Modified: 30647 GNU Bash Environment Variables Remote Command Execution (CVE-2014-6271)
发布时间：2014-10-16 17:31:27

名称： eoi.unify.rulepatch.5.6.7.467.rule	版本：5.6.7.467
MD5：0a5964202e81b2492cd680d3e3f30bd2	大小：9.77M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.467。该升级包新增/改进的规则有：新增: 23131 ManageEngine产品任意文件上传漏洞新增: 23134 HP AutoPass许可证服务器文件上传漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23131 ManageEngine Desktop Central StatusUpdate Arbitrary File Upload Added: 23134 HP AutoPass License Server File Upload
发布时间：2014-10-09 15:11:11

名称： eoi.unify.rulepatch.5.6.7.466.rule	版本：5.6.7.466
MD5：1bba6dd44b4be3626da16bde2d6487c6	大小：9.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.466。该升级包新增/改进的规则有：修改: 30647 GNU Bash 环境变量远程命令执行漏洞(CVE-2014-6271) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 30647 GNU Bash Environment Variables Remote Command Execution (CVE-2014-6271)
发布时间：2014-10-02 17:05:54

名称： eoi.unify.rulepatch.5.6.7.465.rule	版本：5.6.7.465
MD5：fdfb097c8db6271cb1fc36ff361179b2	大小：9.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.465。该升级包新增/改进的规则有：新增: 30647 GNU Bash 环境变量远程命令执行漏洞(CVE-2014-6271) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 30647 GNU Bash Environment Variables Remote Command Execution (CVE-2014-6271)
发布时间：2014-09-26 16:20:18

名称： eoi.unify.rulepatch.5.6.7.464.rule	版本：5.6.7.464
MD5：8717ffca6a0b2b82783629b850e50ae1	大小：9.76M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.464。该升级包新增/改进的规则有：新增: 23123 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4080)(MS14-052) 新增: 23124 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4081)(MS14-052) 新增: 23125 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4082)(MS14-052) 新增: 23126 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4084)(MS14-052) 新增: 23127 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4086)(MS14-052) 新增: 23128 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4088)(MS14-052) 新增: 23129 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4089)(MS14-052) 新增: 23130 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4092)(MS14-052) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23123 Microsoft Internet Explorer Remote Memory Corruption Vulnerability（CVE-2014-4080)(MS14-052) Added: 23124 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4081)(MS14-052) Added: 23125 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4082)(MS14-052) Added: 23126 Microsoft Internet Explorer Remote Corruption Vulnerability(CVE-2014-4084)(MS14-052) Added: 23127 Microsoft Internet Explorer Remote Corruption Vulnerability(CVE-2014-4086)(MS14-052) Added: 23128 Microsoft Internet Explorer Remote Corruption Vulnerability(CVE-2014-4088)(MS14-052) Added: 23129 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4089)(MS14-052) Added: 23130 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4092)(MS14-052)
发布时间：2014-09-25 15:35:53

名称： eoi.unify.rulepatch.5.6.7.463.rule	版本：5.6.7.463
MD5：ff60cc5f1972f16dd54e6a7edbb957a8	大小：10.19M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.463。该升级包新增/改进的规则有：新增: 23121 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-2799)(MS14-052) 新增: 23122 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4065)(MS14-052) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23121 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-2799)(MS14-052) Added: 23122 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4065)(MS14-052)
发布时间：2014-09-18 17:21:37

名称： eoi.unify.rulepatch.5.6.7.462.rule	版本：5.6.7.462
MD5：546e4a9bdef14ce8dfe1b7994b2936de	大小：10.18M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.462。该升级包新增/改进的规则有：修改：21299 SelectElement远程代码执行漏洞修改：20867 Novell Messenger Server 2.0 Accept-Language溢出漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 21299 SelectElement Remote Code Execution Vulnerability Modified: 20867 Novell Messenger Server 2.0 Accept-Language Overflow
发布时间：2014-09-11 16:52:40

名称： eoi.unify.rulepatch.5.6.7.461.rule	版本：5.6.7.461
MD5：48fd394e310ec4213e3cc2a2d2dcb14e	大小：10.16M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.461。该升级包新增/改进的规则有：修改：41033 木马后门程序Black Hole通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 41033 Backdoor/Trojan Black Hole Communication
发布时间：2014-09-04 15:36:56

名称： eoi.unify.rulepatch.5.6.7.460.rule	版本：5.6.7.460
MD5：1332339440cb9d76788c679ae5bcfb5f	大小：10.13M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.460。该升级包新增/改进的规则有：新增: 23071 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-4050)(MS14-051) 新增: 23072 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-4063)(MS14-051) 新增: 23073 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-4057)(MS14-051) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23071 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2014-4050)(MS14-051) Added: 23072 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2014-4063)(MS14-051) Added: 23073 Microsoft Internet Explorer Memory corruption Vulnerability(CVE-2014-4057)(MS14-051)
发布时间：2014-08-28 18:12:19

名称： eoi.unify.rulepatch.5.6.7.459.rule	版本：5.6.7.459
MD5：f754bf6196fe0505c16db98d6cee79d7	大小：10.11M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.459。该升级包新增/改进的规则有：新增：23068 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-2820)(MS14-051) 新增：23069 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-2823)(MS14-051) 新增：23070 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-2824)(MS14-051) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Add: 23068 Microsoft Internet Explorer Memory Corruption vulnerability (CVE-2014-2820)(MS14-051) Add: 23069 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-2823)(MS14-051) Add: 23070 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-2824)(MS14-051)
发布时间：2014-08-21 16:39:46

名称： eoi.unify.rulepatch.5.6.7.458.rule	版本：5.6.7.458
MD5：4d727e0d5c6de830a345e1dbdc8a940a	大小：10.11M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.458。该升级包新增/改进的规则有：修改：70003 非默认端口上发现已知协议注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified：70003 Known Protocol on Non-default Port
发布时间：2014-08-14 18:03:02

名称： eoi.unify.rulepatch.5.6.7.457.rule	版本：5.6.7.457
MD5：4c9299592df177bf555266b681309373	大小：10.11M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.457。该升级包新增/改进的规则有：修改：22985 HP Storage Data 备份客户端服务远程代码执行注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified：22985 HP Data Protector Backup Client Service Remote Code Execution
发布时间：2014-08-07 18:31:01

名称： eoi.unify.rulepatch.5.6.7.456.rule	版本：5.6.7.456
MD5：f4dd1661366af7979e23b34a39f921a5	大小：10.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.456。该升级包新增/改进的规则有：修改：23048 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1785)(MS14-035) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified：23048 Microsoft Internet Explorer Memory Corruption(CVE-2014-1785)(MS14-035)
发布时间：2014-07-31 14:45:57

名称： eoi.unify.rulepatch.5.6.7.455.rule	版本：5.6.7.455
MD5：f4d1c477189b7872d222694d62cdd2ca	大小：10.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.455。该升级包新增/改进的规则有：修改：50270 SMTP发邮件注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 50270 SMTP Send Mail
发布时间：2014-07-24 16:57:58

名称： eoi.unify.rulepatch.5.6.7.454.rule	版本：5.6.7.454
MD5：3740bab858ed9a01306cd86404be1a25	大小：10.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.454。该升级包新增/改进的规则有：新增：23056 Microsoft Internet Explorer 11释放后重利用漏洞（CVE-2014-1765）新增：23058 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-2797) 新增：23060 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-2804) 新增：23061 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-2801) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Add: 23056 Microsoft Internet Explorer 11 UAF Vulnerability（CVE-2014-1765） Add: 23058 Microsoft Internet Explorer Memory Corruption(CVE-2014-2797) Add: 23060 Microsoft Internet Explorer Memory Corruption(CVE-2014-2804) Add: 23061 Microsoft Internet Explorer Memory Corruption(CVE-2014-2801)
发布时间：2014-07-17 19:11:29

名称： eoi.unify.rulepatch.5.6.7.453.rule	版本：5.6.7.453
MD5：a17cc13f559e404933afa4f6a55cf1cf	大小：10.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.453。该升级包新增/改进的规则有：修改：22796 Apache Struts远程代码执行漏洞(CVE-2013-2251) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 22796 Apache Struts Remote Code Execution(CVE-2013-2251)
发布时间：2014-07-10 14:22:39

名称： eoi.unify.rulepatch.5.6.7.452.rule	版本：5.6.7.452
MD5：842852fe8b8ebf7b7194b2ebcc7d35ff	大小：10.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.452。该升级包新增/改进的规则有：新增：23055 DISCUZ 7系列faq.php SQL注入漏洞注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added: 23055 DISCUZ 7 faq.php SQL Injection Vulnerability
发布时间：2014-07-04 11:02:00

名称： eoi.unify.rulepatch.5.6.7.450.rule	版本：5.6.7.450
MD5：c1f8748dab8bd59a960bfaa77a3072bb	大小：10.10M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.84上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.450。该升级包新增/改进的规则有：修改：41033 木马后门程序Black Hole通信注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.84.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Modified: 41033 Backdoor/Trojan Black Hole Communication
发布时间：2014-06-26 15:25:06

名称： eoi.unify.rulepatch.5.6.7.449.rule	版本：5.6.7.449
MD5：7e6f3ef83281a95bcf47a2d7f94f06c2	大小：10.09M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.84上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.449。该升级包新增/改进的规则有：新增：23045 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1762)(MS14-035) 新增：23043 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1805)(MS14-035) 新增：23050 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1795)(MS14-035) 新增：23048 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1785)(MS14-035) 新增：23052 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1800)(MS14-035) 新增：23044 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-0282)(MS14-035) 新增：23046 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1766)(MS14-035) 新增：23047 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1772)(MS14-035) 新增：23051 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1797)(MS14-035) 新增：23049 Microsoft Internet Explorer远程内存破坏(CVE-2014-1791) 新增：23042 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1804)(MS14-035) 新增：23053 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1802)(MS14-035) 新增：23054 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1789)(MS14-035) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.84.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added：23045 Microsoft Internet Explorer Memory Corruption(CVE-2014-1762)(MS14-035) Added：23043 Microsoft Internet Explorer Memory Corruption(CVE-2014-1805)(MS14-035) Added：23050 Microsoft Internet Explorer Memory Corruption(CVE-2014-1795)(MS14-035) Added：23048 Microsoft Internet Explorer Memory Corruption(CVE-2014-1785)(MS14-035) Added：23052 Microsoft Internet Explorer Memory Corruption(CVE-2014-1800)(MS14-035) Added：23044 Microsoft Internet Explorer Memory Corruption(CVE-2014-0282)(MS14-035) Added：23046 Microsoft Internet Explorer Memory Corruption(CVE-2014-1766)(MS14-035) Added：23047 Microsoft Internet Explorer Memory Corruption(CVE-2014-1772)(MS14-035) Added：23051 Microsoft Internet Explorer Memory Corruption(CVE-2014-1797)(MS14-035) Added：23049 Microsoft Internet Explorer Memory Corruption(CVE-2014-1791) Added：23042 Microsoft Internet Explorer Memory Corruption(CVE-2014-1804)(MS14-035) Added：23053 Microsoft Internet Explorer Memory Corruption(CVE-2014-1802)(MS14-035) Added：23054 Microsoft Internet Explorer Memory Corruption(CVE-2014-1789)(MS14-035)
发布时间：2014-06-19 16:13:48

名称： eoi.unify.rulepatch.5.6.7.448.rule	版本：5.6.7.448
MD5：332bf55cf8bf26553e5409044245ba48	大小：10.28M
描述：本升级包为入侵防护特征库升级包，仅支持在固件版本5.6.7.56/67，引擎版本5.6.7.84上升级。升级包为全量升级包。升级后固件版本和引擎版本不变，规则版本变为5.6.7.448。该升级包新增/改进的规则有：添加：23031 OpenSSL DTLS无效片段漏洞 (CVE-2014-0195) 注意事项： 1．该升级包升级后引擎自动重启生效，不会造成会话中断，但ping包会丢3~5个，请选择合适的时间升级。 NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.84.This is a total upgrade package. After upgrade package is imported,engine will restart automatically . List of added or modified signatures: Added：23031 OpenSSL DTLS Invaild Fragment Vulnerability (CVE-2014-0195)
发布时间：2014-06-13 09:27:41

名称： eoi.unify.rulepatch.5.6.7.446.rule	版本：5.6.7.446
MD5：72132821fd3c02a21aad3bfb890ea2e3	大小：10.20M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 修改：22264 Apache Struts2 XWork绕过安全限制执行任意命令攻击 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: modified: 22264 Apache Struts2 XWork Bypass Security Restrictions To Execute Arbitrary Commands Attack
发布时间：2014-06-05 16:49:48

名称： eoi.unify.rulepatch.5.6.7.445.rule	版本：5.6.7.445
MD5：e5a78a1e05684801aca6b30e3987be57	大小：10.02M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 新增：23010 ELASTICSEARCH远程代码执行漏洞修改：29002 Web服务远程跨站脚本执行攻击 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added：23010 ELASTICSEARCH Remote Code Execution Vulnerability Modified：29002 Web Service Remote Cross-Site Scripting
发布时间：2014-05-29 16:17:06

名称： eoi.unify.rulepatch.5.6.7.444.rule	版本：5.6.7.444
MD5：bd2d9bfedb0533ebfb75df4329c4ecbe	大小：10.01M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 新增： 23007 Microsoft SharePoint跨站脚本漏洞(CVE-2014-1754)(MS14-022) 新增： 23006 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0310)(MS14-029) 新增： 23008 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1815)(MS14-029) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added： 23007 Microsoft SharePoint XSS(CVE-2014-1754)(MS14-022) Added： 23006 Microsoft Internet Explorer Memory Corruption(CVE-2014-0310)(MS14-029) Added： 23008 Microsoft Internet Explorer Memory Corruption(CVE-2014-1815)(MS14-029)
发布时间：2014-05-22 15:27:22

名称： eoi.unify.rulepatch.5.6.7.443.rule	版本：5.6.7.443
MD5：1a3681559d1d2285fd72b23ac86f70f5	大小：10.01M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 新增： 23005 POP3S 服务暴力猜测用户口令修改： 23004 Microsoft Internet Explorer远程代码执行漏洞（CVE-2014-1776）修改： 20986 Microsoft IIS 6.0 WebDAV远程绕过认证攻击 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added： 23005 POP3S Service User Password Brute Forcce Modified： 23004 Microsoft Internet Explorer Remote Code Execution 0day（CVE-2014-1776） Modified： 20986 Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Attack
发布时间：2014-05-15 17:40:39

名称： eoi.unify.rulepatch.5.6.7.442.rule	版本：5.6.7.442
MD5：ffd94802eb8c32cfbd924590e49c827d	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 修改： 40402 Web服务访问/etc/passwd文件修改： 51340 JBoss企业应用平台非授权访问漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified： 40402 Access to File /etc/passwd via Web Service Modified： 51340 JBoss Enterprise Application Platform Unauthorized Access Vulnerability
发布时间：2014-05-08 15:22:28

名称： eoi.unify.rulepatch.5.6.7.441.rule	版本：5.6.7.441
MD5：054b96431945f2810561948c76fc3b7e	大小：10.14M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 新增： 23004 Microsoft Internet Explorer远程代码执行0day漏洞（CVE-2014-1776） NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: added: 23004 Microsoft Internet Explorer Remote Code Execution 0day（CVE-2014-1776）
发布时间：2014-04-28 17:49:30

名称： eoi.unify.rulepatch.5.6.7.439.rule	版本：5.6.7.439
MD5：705e5429c8d245486d320ee6bbcee68a	大小：10.13M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 新增： 23002 Apache Struts2 (CVE-2014-0094)(S2-020)漏洞修补绕过 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: added: 23002 Apache Struts2 (CVE-2014-0094)(S2-020) Vulnerability Repair Bypass
发布时间：2014-04-24 18:20:35

名称： eoi.unify.rulepatch.5.6.7.437.rule	版本：5.6.7.437
MD5：dd6de84f8492dad6fe58dfaa211377fe	大小：9.95M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22998 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1751) (MS14-018) 新增: 22999 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1752) (MS14-018) 新增: 23000 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1753) (MS14-018) 新增: 23001 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1755) (MS14-018) 新增: 30633 OpenSSL TLS心跳扩展协议包远程信息泄露漏洞 (CVE-2014-0160) 修改: 50102 即时通信工具QQ访问游戏平台通信绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.79，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22998 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1751) (MS14-018) 新增: 22999 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1752) (MS14-018) 新增: 23000 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1753) (MS14-018) 新增: 23001 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1755) (MS14-018) 新增: 30633 OpenSSL TLS心跳扩展协议包远程信息泄露漏洞 (CVE-2014-0160) 修改: 50102 即时通信工具QQ访问游戏平台通信
发布时间：2014-04-17 15:23:12

名称： eoi.unify.rulepatch.5.6.7.436.rule	版本：5.6.7.436
MD5：9d5bb4144f52e83f0b8071b6437ffa07	大小：10.15M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 30633 OpenSSL远程信息泄漏(CVE-2014-0160) 修改: 50043 POP3服务用户登录认证成功 NSFOCUS NIDS/NIPS product signature update package, depends on engin 5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 30633 OpenSSL Remote Information Disclosure(CVE-2014-0160) Modified: 50043 POP3 Service User Login Authentication Success
发布时间：2014-04-09 09:34:44

名称： eoi.unify.rulepatch.5.6.7.434.rule	版本：5.6.7.434
MD5：f591dc0cb13c97fea9c32e405b205d1a	大小：9.92M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22996 SolidWorks Workgroup PDM 2014 pdmwService.exe任意文件写入新增: 22997 多个Generel Electric产品'gefebt.exe' Shell上传漏洞新增: 22994 kloxo sql 注入及远程代码执行新增: 22995 Symantec Endpoint Protection Manager 远程代码执行新增: 22993 Microsoft Word RTF文件解析错误代码执行漏洞（CVE-2014-1761）新增: 22991 MantisBT管理 SQL注入任意文件读取修改: 29001 Web服务远程SQL注入攻击可疑行为修改: 50074 即时通信工具ICQ用户登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22996 SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write Added: 22997 Multiple Generel Electric products'gefebt.exe'Shell upload vulnerability Added: 22994 Kloxo SQL Injection and Remote Code Execution Added: 22995 Symantec Endpoint Protection Manager Remote Command Execution Added: 22993 Microsoft Word RTF File Parase Error Code Execution（CVE-2014-1761） Added: 22991 MantisBT Admin SQL Injection Arbitrary File Read Modified: 29001 Web Service Remote SQL Injection Suspicious Behavior Modified: 50074 Instant Messaging Tool ICQ User Login
发布时间：2014-04-03 18:17:29

名称： eoi.unify.rulepatch.5.6.7.433.rule	版本：5.6.7.433
MD5：3e696c9cd4084aa6c3eef0fafe9eaeb4	大小：10.13M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增： 22985 HP Storage Data 备份客户端服务远程代码执行（CVE-2013-2347）新增： 10366 APACHE COMMONS FILEUPLOAD组件DOS漏洞（CVE-2014-0050）新增： 22993 Microsoft Word RTF文件解析错误代码执行漏洞（CVE-2014-1761） NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added： 22985 HP Data Protector Backup Client Service Remote Code Execution（CVE-2013-2347） Added： 10366 APACHE COMMONS FILEUPLOAD Module DOS Vulnerability（CVE-2014-0050） Added： 22993 Microsoft Word RTF File Parase Error Code Execution（CVE-2014-1761）
发布时间：2014-03-26 17:22:53

名称： eoi.unify.rulepatch.5.6.7.431.rule	版本：5.6.7.431
MD5：ed401da59b7897ec51c010929eb7af69	大小：10.17M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 修改： 30571 JWPlayer远程跨站脚本执行漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified： 30571 JWPlayer Remote Cross-Site Scripting Vulnerability
发布时间：2014-03-20 17:19:36

名称： eoi.unify.rulepatch.5.6.7.430.rule	版本：5.6.7.430
MD5：b269fa309729c0de9a7f3fa550e49c6d	大小：10.17M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增： 22968 DEDECMS /INCLUDE/UPLOADSAFE.PHP SQL注入漏洞新增： 22969 DEDECMS BUY_ACTION.PHP文件SQL注入漏洞(S2-017) 新增： 22970 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0305)(MS14-012) 新增： 22971 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0313)(MS14-012) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added： 22968 DEDECMS /INCLUDE/UPLOADSAFE.PHP SQL Injection Vulnerability Added： 22969 DEDECMS BUY_ACTION.PHP File SQL Injection Vulnerability(S2-017) Added： 22970 Microsoft Internet Explorer Memory Corruption(CVE-2014-0305)(MS14-012) Added： 22971 Microsoft Internet Explorer Memory Corruption(CVE-2014-0313)(MS14-012)
发布时间：2014-03-13 19:13:08

名称： eoi.unify.rulepatch.5.6.7.429.rule	版本：5.6.7.429
MD5：2239029f2d2932f6e7f8bebf388719be	大小：10.14M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增： 22966 Oracle Forms/Reports预验证口令泄露漏洞新增： 22967 Linksys多款路由器tmUnblock.cgi ttcp_ip参数远程命令执行漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added： 22966 Oracle Forms/Reports Credentials Disclosure Vulnerability Added： 22967 Linksys router tmUnblock.cgi ttcp_ip variety of parameters Remote Command Execution Vulnerability
发布时间：2014-03-07 17:19:21

名称： eoi.unify.rulepatch.5.6.7.428.rule	版本：5.6.7.428
MD5：9be166f675c42bf97889d74436a704b3	大小：10.15M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 22871 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3873)(MS13-080) 修改: 22877 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3886)(MS13-080) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 22871 Microsoft Internet Explorer Memory Corruption (CVE-2013-3873)(MS13-080) Modified: 22877 Microsoft Internet Explorer Memory Corruption (CVE-2013-3886)(MS13-080)
发布时间：2014-02-27 17:29:18

名称： eoi.unify.rulepatch.5.6.7.427.rule	版本：5.6.7.427
MD5：8eb72664addd0e3f16083d1cd2ae995d	大小：10.15M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增：22946 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0277)(MS14-010) 新增：22947 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0290)(MS14-010) 新增：22948 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0274)(MS14-010) 新增：22949 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0275)(MS14-010) 新增：22951 Microsoft VBScript 远程代码执行漏洞(CVE-2014-0271)(MS14-010) 新增：22952 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0276)(MS14-010) 新增：22954 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0273)(MS14-010) 新增：22955 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0283)(MS14-010) 新增：22956 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0284)(MS14-010) 新增：22957 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0285)(MS14-010) 新增：22958 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0287)(MS14-010) 新增：22959 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0288)(MS14-010) 新增：22960 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0289)(MS14-010) 新增：22961 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0286)(MS14-010) 新增：22962 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0278)(MS14-010) 新增：22963 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0279)(MS14-010) 新增：22964 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0281)(MS14-010) 新增：22965 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0322) 新增：30630 Microsoft XML Core Services信息泄露漏洞(CVE-2014-0266)(MS14-005) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: added：22946 Microsoft Internet Explorer Memory Corruption(CVE-2014-0277)(MS14-010) added：22947 Microsoft Internet Explorer Memory Corruption(CVE-2014-0290)(MS14-010) added：22948 Microsoft Internet Explorer Memory Corruption(CVE-2014-0274)(MS14-010) added：22949 Microsoft Internet Explorer Memory Corruption(CVE-2014-0275)(MS14-010) added：22951 Microsoft VBScript Remote Code Execution(CVE-2014-0271)(MS14-010) added：22952 Microsoft Internet Explorer Memory Corruption(CVE-2014-0276)(MS14-010) added：22954 Microsoft Internet Explorer Memory Corruption(CVE-2014-0273)(MS14-010) added：22955 Microsoft Internet Explorer Memory Corruption(CVE-2014-0283)(MS14-010) added：22956 Microsoft Internet Explorer Memory Corruption(CVE-2014-0284)(MS14-010) added：22957 Microsoft Internet Explorer Memory Corruption(CVE-2014-0285)(MS14-010) added：22958 Microsoft Internet Explorer Memory Corruption(CVE-2014-0287)(MS14-010) added：22959 Microsoft Internet Explorer Memory Corruption(CVE-2014-0288)(MS14-010) added：22960 Microsoft Internet Explorer Memory Corruption(CVE-2014-0289)(MS14-010) added：22961 Microsoft Internet Explorer Memory Corruption(CVE-2014-0286)(MS14-010) added：22962 Microsoft Internet Explorer Memory Corruption(CVE-2014-0278)(MS14-010) added：22963 Microsoft Internet Explorer Memory Corruption(CVE-2014-0279)(MS14-010) added：22964 Microsoft Internet Explorer Memory Corruption(CVE-2014-0281)(MS14-010) added：22965 Microsoft Internet Explorer Memory Corruption(CVE-2014-0322) added：30630 Microsoft XML Core Services Information Disclosure(CVE-2014-0266)(MS14-005)
发布时间：2014-02-17 18:32:09

名称： eoi.unify.rulepatch.5.6.7.426.rule	版本：5.6.7.426
MD5：4317247be258354aa8f1d6c0f958ca87	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 22328 Intersil (Boa) HTTPd基本认证密码重置漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 22328 Intersil (Boa) HTTPd Basic Authentication Password Reset Vulnerability
发布时间：2014-02-13 16:52:06

名称： eoi.unify.rulepatch.5.6.7.425.rule	版本：5.6.7.425
MD5：9468ac0fd192720bb50015b908f3357a	大小：9.97M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22942 IBM Forms Viewer Unicode缓冲区溢出 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22942 IBM Forms Viewer Unicode Buffer Overflow
发布时间：2014-02-06 21:13:15

名称： eoi.unify.rulepatch.5.6.7.424.rule	版本：5.6.7.424
MD5：f8e1e9e9735db5255d8a10fff2871476	大小：9.97M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22943 vTiger CRM SOAP AddEmailAttachment二进制文件上传 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22943 vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
发布时间：2014-01-30 12:06:33

名称： eoi.unify.rulepatch.5.6.7.423.rule	版本：5.6.7.423
MD5：2da2247f51360bfea438bc23b10069cd	大小：9.97M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22945 IcoFX栈缓冲区溢出 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22945 IcoFX Stack Buffer Overflow
发布时间：2014-01-23 17:56:15

名称： eoi.unify.rulepatch.5.6.7.422.rule	版本：5.6.7.422
MD5：a98fbe011ae797be27d057fdabaaf04a	大小：10.13M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 22525 Microsoft MPEG Layer-3 Audio Stack Based溢出漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 22525 Microsoft MPEG Layer-3 Audio Stack Based Overflow Vulnerability
发布时间：2014-01-16 17:15:18

名称： eoi.unify.rulepatch.5.6.7.421.rule	版本：5.6.7.421
MD5：b4e1133ae0022a32cc3f5405ecb07ee7	大小：10.13M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 50083 Windows系统远程管理工具终端服务用户登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 50083 Windows Remote Management Tool Terminal Service User Login
发布时间：2014-01-09 17:20:02

名称： eoi.unify.rulepatch.5.6.7.420.rule	版本：5.6.7.420
MD5：1a0e2e6e9aebd21234949e7ae596e119	大小：10.12M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 20802 IMAP服务器SUBSCRIBE命令超长参数远程缓冲区溢出攻击 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 20802 IMAP Server SUBSCRIBE Command Over-Long Parameter Remote Buffer Overflow
发布时间：2014-01-02 17:59:58

名称： eoi.unify.rulepatch.5.6.7.419.rule	版本：5.6.7.419
MD5：734f4fb50d51c3378ad6b7da0eb32110	大小：7.78M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22937 木马后门程序Alman Dropper通信新增: 22931 Oracle Application Server BPEL Module跨站脚本攻击新增: 22932 Microsoft Windows远程安装服务远程任意指令执行漏洞新增: 22936 JBoss企业应用平台非授权访问漏洞新增: 22616 Symantec Messaging Gateway任意文件下载漏洞修改: 50099 网络游戏平台中国游戏中心登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22937 Trojan backdoor Alman Dropper communication Added: 22931 HTTP:Oracle Application Server BPEL Module Cross Site Scripting Added: 22932 Microsoft Windows远程安装服务远程任意指令执行漏洞 Added: 22936 JBoss Enterprise Application Platform Unauthorized Access Vulnerability Added: 22616 Symantec Messaging Gateway Arbitrary Files Download Loopholes Modified: 50099 Online Game Platform "chinagames.net" Login
发布时间：2013-12-26 17:11:36

名称： eoi.unify.rulepatch.5.6.7.418.rule	版本：5.6.7.418
MD5：424f8125b4b99fed488deca798528f6d	大小：10.01M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22928 Microsoft Scripting Runtime Object Library释放后重利用漏洞(CVE-2013-5056)(MS13-099) 新增: 22927 Internet Explorer内存破坏漏洞(CVE-2013-5049)(MS13-097) 新增: 22926 Internet Explorer内存破坏漏洞(CVE-2013-5051)(MS13-097) 新增: 22925 Internet Explorer内存破坏漏洞(CVE-2013-5048)(MS13-097) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22928 Microsoft Scripting Runtime Object Library Use After Free (CVE-2013-5056)(MS13-099) Added: 22927 Internet Explorer Memory Corruption (CVE-2013-5049)(MS13-097) Added: 22926 Internet Explorer Memory Corruption(CVE-2013-5051)(MS13-097) Added: 22925 Internet Explorer Memory Corruption (CVE-2013-5048)(MS13-097)
发布时间：2013-12-19 15:53:14

名称： eoi.unify.rulepatch.5.6.7.417.rule	版本：5.6.7.417
MD5：ed853fdb611e2bcdd09f6fa1ab55a9f3	大小：9.73M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.78，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22918 Beetel Connection Manager NetConfig.ini缓冲区溢出新增: 22916 DesktopCentral AgentLogUpload二进制文件上传新增: 22917 ProcessMaker开源代码认证PHP代码执行新增: 22919 Moodle远程命令执行新增: 22920 EMC Replication Manager远程命令执行漏洞新增: 22685 EMC AlphaStor DCP缓冲区溢出漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22918 Beetel Connection Manager NetConfig.ini Buffer Overflow Added: 22916 DesktopCentral AgentLogUpload Arbitrary File Upload Added: 22917 ProcessMaker Open Source Authenticated PHP Code Execution Added: 22919 Moodle Remote Command Execution Added: 22920 EMC Replication Manager Command Execution Added: 22685 EMC AlphaStor DCP Buffer overflow
发布时间：2013-12-12 18:01:51

名称： eoi.unify.rulepatch.5.6.7.416.rule	版本：5.6.7.416
MD5：43192730fafb1af1b750d7bd5be41eab	大小：9.69M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 22353 Citect SCADA ODBC服务器远程栈溢出漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures： Modified: 22353 Citect SCADA ODBC Server Remote Stack Overflow Vulnerability Vulnerability
发布时间：2013-12-05 17:18:37

名称： eoi.unify.rulepatch.5.6.7.415.rule	版本：5.6.7.415
MD5：b1c679d98b5713ab9ff869633d3eff11	大小：9.69M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 添加: 22915 Microsoft Windows Kernel权限提升漏洞利用攻击(CVE-2013-5065) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures： Added: 22915 Microsoft Windows Kernel Elevated Privileges Exploit (CVE-2013-5065)
发布时间：2013-11-29 09:36:06

名称： eoi.unify.rulepatch.5.6.7.414.rule	版本：5.6.7.414
MD5：f3965b24d07cbdae1e638acf2f96e507	大小：10.14M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 22918 Microsoft IE信息泄露漏洞(CVE-2013-3908)(MS13-088) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures： Modified: 22918 Microsoft IE Information Disclosure (CVE-2013-3908)(MS13-088)
发布时间：2013-11-28 15:14:42

名称： eoi.unify.rulepatch.5.6.7.413.rule	版本：5.6.7.413
MD5：020a6f1e2ac504376fba094810f7cba8	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增：22909 Microsoft IE ActiveX控件远程代码执行漏洞(CVE-2013-3918) 修改：41019 Hop-by-Hop Options Header 检测 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures： Added: 22909 Microsoft IE ActiveX Control Remote Code Execution(CVE-2013-3918) Modified: 41019 Hop-by-Hop Options Header Check
发布时间：2013-11-21 18:25:13

名称： eoi.unify.rulepatch.5.6.7.412.rule	版本：5.6.7.412
MD5：e2ef416c1389457c84f9e90d2dc66387	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22911 Microsoft IE内存破坏漏洞(CVE-2013-3911)(MS13-088) 新增: 22915 Microsoft IE内存破坏漏洞(CVE-2013-3914)(MS13-088) 新增: 22917 Microsoft IE内存破坏漏洞(CVE-2013-3917)(MS13-088) 新增: 22914 Microsoft IE内存破坏漏洞(CVE-2013-3910)(MS13-088) 新增: 22916 Microsoft IE内存破坏漏洞(CVE-2013-3915)(MS13-088) 新增: 22912 Microsoft IE内存破坏漏洞(CVE-2013-3912)(MS13-088) 新增: 22918 Microsoft IE信息泄露漏洞(CVE-2013-3908)(MS13-088) 新增: 22909 Microsoft IE ActiveX控件远程代码执行漏洞(CVE-2013-3918) 新增: 10363 ACK-Flood拒绝服务攻击新增: 22910 Microsoft IE内存破坏漏洞(CVE-2013-3916)(MS13-088) 新增: 22902 OpenMediaVault Cron远程命令执行新增: 22904 vTigerCRM v5.4.0/v5.3.0认证远程代码执行新增: 22900 Open Flash Chart v2任意文件上传新增: 22907 WebTester 5.x命令执行新增: 22908 Microsoft Graphics组件远程代码执行漏洞(CVE-2013-3906) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22911 Microsoft IE Memory Corruption(CVE-2013-3911)(MS13-088) Added: 22915 Microsoft IE Memory Corruption(CVE-2013-3914)(MS13-088) Added: 22917 Microsoft IE Memory Corruption(CVE-2013-3917)(MS13-088) Added: 22914 Microsoft IE Memory Corruption(CVE-2013-3910)(MS13-088) Added: 22916 Microsoft IE Memory Corruption(CVE-2013-3915)(MS13-088) Added: 22912 Microsoft IE Memory Corruption(CVE-2013-3912)(MS13-088) Added: 22918 Microsoft IE Information Disclosure (CVE-2013-3908)(MS13-088) Added: 22909 Microsoft IE ActiveX Control Remote Code Execution(CVE-2013-3918) Added: 10363 ACK-Flood Denial of Service Attacks Added: 22910 Microsoft IE Memory Corruption(CVE-2013-3916)(MS13-088) Added: 22902 OpenMediaVault Cron Remote Command Execution Added: 22904 vTigerCRM v5.4.0\v5.3.0 Authenticated Remote Code Execution Added: 22900 Open Flash Chart v2 Arbitrary File Upload Added: 22907 WebTester 5.x Command Execution Added: 22908 Microsoft Graphics Component Could Allow Remote Code Execution(CVE-2013-3906)
发布时间：2013-11-13 18:02:47

名称： eoi.unify.rulepatch.5.6.7.410.rule	版本：5.6.7.410
MD5：b66f8b7ed490e7061fde795073aa3c97	大小：9.77M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22908 Microsoft Graphics组件远程代码执行漏洞(CVE-2013-3906) 新增: 41071 木马后门程序DarkComet通信新增: 22894 OpenEMR 4.1.1 Patch 14 SQL注入权限提升和远程代码执行新增: 22249 PHP-CGI远程源码泄露和任意代码执行漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22908 Microsoft Graphics Component Could Allow Remote Code Execution(CVE-2013-3906) Added: 41071 Trojan backdoor DarkComet communication Added: 22894 OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution Added: 22249 PHP-CGI Remote Source Disclosure And Arbitrary Code Execution Vulnerability
发布时间：2013-11-07 15:46:34

名称： eoi.unify.rulepatch.5.6.7.409.rule	版本：5.6.7.409
MD5：2e5a0c5425dee271749544d2d32a8574	大小：9.76M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22894 OpenEMR 4.1.1 Patch 14 SQL注入权限提升和远程代码执行新增: 22896 Astium远程命令执行新增: 22895 D-Link设备UPnP SOAP Telnetd命令执行新增: 30627 vBulletin管理员账户创建新增: 22893 Raidsonic NAS设备未经认证远程命令执行新增: 22897 ClipBucket远程命令执行新增: 22892 Zabbix 2.0.8 SQL注入和远程代码执行修改: 22249 PHP-CGI远程源码泄露和任意代码执行漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22894 OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution Added: 22896 Astium Remote Code Execution Added: 22895 D-Link Devices UPnP SOAP Telnetd Command Execution Added: 30627 vBulletin Administrator Account Creation Added: 22893 Raidsonic NAS Devices Unauthenticated Remote Command Execution Added: 22897 ClipBucket Remote Code Execution Added: 22892 Zabbix 2.0.8 SQL Injection and Remote Code Execution Modified: 22249 PHP-CGI Remote Source Disclosure And Arbitrary Code Execution Vulnerability
发布时间：2013-11-07 15:46:39

名称： eoi.unify.rulepatch.5.6.7.408.rule	版本：5.6.7.408
MD5：f1817340fe0d40932ffe277069e82a89	大小：9.80M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增：22886 Western Digital Arkeia远程代码执行新增：22891 ZeroShell远程代码执行新增：22890 D-Link路由器User-Agent后门漏洞修改: 22621 Oracle Java 7 JmxMBeanServer类远程代码执行漏洞修改: 20972 Windows Server服务RPC请求缓冲区溢出攻击(MS08-067) 修改: 20845 HTTP协议URL字段超长缓冲区溢出攻击 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Add: 22886 Western Digital Arkeia Remote Code Execution Add: 22891 ZeroShell Remote Code Execution Add: 22890 D-Link Router User-Agent Backdoor Vulnerability Modified: 22621 Oracle Java 7 JmxMBeanServer Remote Code Execution Modified: 20972 Microsoft Windows Server Service RPC Handling Remote Code Execution Attack(MS08-067) Modified: 20845 HTTP Protocol Over-Long URL Field Buffer Overflow
发布时间：2013-10-31 14:12:01

名称： eoi.unify.rulepatch.5.6.7.407.rule	版本：5.6.7.407
MD5：e8d6436f70f23311a913023f3e5a4f4a	大小：9.99M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22880 Nodejs js-yaml load()代码执行新增: 22882 Linksys WRT110远程命令执行新增: 22883 GestioIP远程命令执行修改: 50099 网络游戏平台中国游戏中心登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22880 Nodejs js-yaml load() Code Execution Added: 22882 Linksys WRT110 Remote Command Execution Added: 22883 GestioIP Remote Command Execution Modified: 50099 Online Game Platform "chinagames.net" Login
发布时间：2013-10-24 19:16:03

名称： eoi.unify.rulepatch.5.6.7.406.rule	版本：5.6.7.406
MD5：694f3d7d7aa96d5460834a3508425632	大小：9.99M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22872 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3885)(MS13-080) 新增: 22873 Microsoft SharePoint单击劫持漏洞(CVE-2013-3895)(MS13-084) 新增: 22875 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3897)(MS13-080) 新增: 22878 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3874)(MS13-080) 新增: 22876 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3871)(MS13-080) 新增: 22877 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3886)(MS13-080) 新增: 22870 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3875)(MS13-080) 新增: 22871 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3873)(MS13-080) 修改: 29002 Web服务远程跨站脚本执行攻击 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22872 Microsoft Internet Explorer Memory Corruption (CVE-2013-3885)(MS13-080) Added: 22873 Microsoft SharePoint Click Hijack Vulneribilty (CVE-2013-3895)(MS13-084) Added: 22875 Microsoft Internet Explorer Memory Corruption (CVE-2013-3897)(MS13-080) Added: 22878 Microsoft Internet Explorer Memory Corruption (CVE-2013-3874)(MS13-080) Added: 22876 Microsoft Internet Explorer Memory Corruption (CVE-2013-3871)(MS13-080) Added: 22877 Microsoft Internet Explorer Memory Corruption (CVE-2013-3886)(MS13-080) Added: 22870 Microsoft Internet Explorer Memory Corruption (CVE-2013-3875)(MS13-080) Added: 22871 Microsoft Internet Explorer Memory Corruption (CVE-2013-3873)(MS13-080) Modified: 29002 Web Service Remote Cross-Site Scripting
发布时间：2013-10-17 18:22:15

名称： eoi.unify.rulepatch.5.6.7.404.rule	版本：5.6.7.404
MD5：8c45b33132175c1953a0ae0f10b4be7d	大小：9.98M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 29002 Web服务远程跨站脚本执行攻击修改: 50099 网络游戏平台中国游戏中心登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 29002 Web Service Remote Cross-Site Scripting Modified: 50099 Online Game Platform "chinagames.net" Login
发布时间：2013-10-10 18:49:18

名称： eoi.unify.rulepatch.5.6.7.403.rule	版本：5.6.7.403
MD5：5a28ef0a6edc19bb6e748d32a6bbb16f	大小：9.99M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 21175 Microsoft Windows "CreateSizedDIBSECTION()"缩略视图栈缓冲区溢出漏洞修改: 29002 Web服务远程跨站脚本执行攻击 SFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 21175 Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability Modified: 29002 Web Service Remote Cross-Site Scripting
发布时间：2013-10-03 17:32:18

名称： eoi.unify.rulepatch.5.6.7.402.rule	版本：5.6.7.402
MD5：67cd1e2d5d7006b2c6dbc7ffe3017503	大小：9.97M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22869 Microsoft Internet Explorer MSHTML 远程代码执行漏洞 (CVE-2013-3893) 新增: 22864 Microsoft SharePoint跨站脚本执行漏洞(CVE-2013-3180)(MS13-067) 新增: 22868 Mozilla Firefox/Thunderbird/SeaMonkey XMLSerializer释放后重用远程代码执行漏洞（CVE-2013-0753）新增: 22867 HP LoadRunner远程代码执行漏洞 (CVE-2013-4798) 新增: 22861 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3209)(MS13-069) 新增: 22866 Microsoft IE CFlatMarkupPointer释放后重用漏洞(MS13-059 ) 新增: 22862 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3206)(MS13-069) 新增: 22865 Microsoft IE CAnchorElement释放后重用漏洞(MS13-055) 新增: 22856 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3205)(MS13-069) 新增: 22860 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3845)(MS13-069) 新增: 22863 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3203)(MS13-069) 新增: 30625 Microsoft FrontPage信息泄露漏洞(CVE-2013-3137)(MS13-078) 新增: 30626 GE Proficy CIMPLICITY目录遍历和远程命令执行漏洞新增: 22854 D-Link设备未经身份验证的缓冲区溢出漏洞新增: 22855 D-Link设备认证远程命令执行新增: 22858 HP StorageWorks P4000虚拟SAN应用登陆缓冲区溢出攻击新增: 22859 SPIP connect参数PHP脚本命令注入 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22869 Microsoft Internet Explorer MSHTML Remote Code Execution Vulnerability (CVE-2013-3893) Added: 22864 Microsoft SharePoint Cross Site Script (CVE-2013-3180)(MS13-067) Added: 22868 Firefox XMLSerializer Use After Free Added: 22867 HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution Added: 22861 Microsoft Internet Explorer Memory Corruption (CVE-2013-3209)(MS13-069) Added: 22866 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free(MS13-059) Added: 22862 Microsoft Internet Explorer Memory Corruption (CVE-2013-3206)(MS13-069) Added: 22865 Microsoft Internet Explorer CAnchorElement Use-After-Free(MS13-055) Added: 22856 Microsoft Internet Explorer Memory Corruption (CVE-2013-3205)(MS13-069) Added: 22860 Microsoft Internet Explorer Memory Corruption (CVE-2013-3845)(MS13-069) Added: 22863 Microsoft Internet Explorer Memory Corruption (CVE-2013-3203)(MS13-069) Added: 30625 Microsoft FrontPage Information Disclosure(CVE-2013-3137)(MS13-078) Added: 30626 GE Proficy Cimplicity WebView substitute.bcl Directory Traversal Added: 22854 D-Link Devices Unauthenticated Remote Command Execution Added: 22855 D-Link Devices Authenticated Remote Command Execution Added: 22858 HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow Added: 22859 SPIP connect Parameter PHP Injection
发布时间：2013-09-27 12:00:25

名称： eoi.unify.rulepatch.5.6.7.401.rule	版本：5.6.7.401
MD5：06ea356dc46973bc80f52a26791e133f	大小：9.97M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22858 HP StorageWorks P4000虚拟SAN应用登陆缓冲区溢出攻击新增: 22855 D-Link设备认证远程命令执行新增: 22854 D-Link设备未经身份验证的缓冲区溢出漏洞新增: 22859 SPIP connect参数PHP脚本命令注入新增: 22849 Oracle Endeca服务器远程命令执行新增: 22848 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3207)(MS13-069) 新增: 22846 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3202)(MS13-069) 新增: 22850 Graphite Web不安全的Pickle处理新增: 10362 Microsoft SharePoint 拒接服务漏洞 (CVE-2013-0081)(MS13-067) 新增: 22845 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3204 )(MS13-069) 新增: 22847 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3208)(MS13-069) 新增: 22869 Microsoft Internet Explorer MSHTML 远程代码执行漏洞 (CVE-2013-3893) 修改: 40688 ARP协议MAC地址欺骗攻击 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22858 HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow Added: 22855 D-Link Devices Authenticated Remote Command Execution Added: 22854 D-Link Devices Unauthenticated Remote Command Execution Added: 22859 SPIP connect Parameter PHP Injection Added: 22849 Oracle Endeca Server Remote Command Execution Added: 22848 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3207)(MS13-069) Added: 22846 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3202)(MS13-069) Added: 22850 Graphite Web Unsafe Pickle Handling Added: 10362 Microsoft SharePoint Denial of Service Vulnerability (CVE-2013-0081)(MS13-067) Added: 22845 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3204 )(MS13-069) Added: 22847 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3208)(MS13-069) Added: 22869 Microsoft Internet Explorer MSHTML Remote Code Execution Vulnerability (CVE-2013-3893) Modified: 40688 ARP Protocl MAC Address Spoofing
发布时间：2013-09-18 17:50:32

名称： eoi.unify.rulepatch.5.6.7.400.rule	版本：5.6.7.400
MD5：46aacd78e3e572796b642ef6e6661530	大小：9.95M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 21517 IBM WebSphere Application Server跨站脚本漏洞修改: 21616 Squid NTLM Authentication Password溢出漏洞修改: 22802 Apache Tomcat mod_jk二进制代码执行攻击修改: 50099 网络游戏平台中国游戏中心登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 21517 IBM WebSphere Application Server Cross-Site Scripting Vulnerability Modified: 21616 Squid NTLM Authentication Password Overflow Vulnerability Modified: 22802 Apache Tomcat mod_jk Arbitrary Code Execution Modified: 50099 Online Game Platform "chinagames.net" Login
发布时间：2013-09-12 17:59:44

名称： eoi.unify.rulepatch.5.6.7.329.rule	版本：5.6.7.329
MD5：9bf590d0503970ec5b1c0a034184d72e	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 21456 BEA WebLogic JSESSIONID Cookie值溢出漏洞修改: 21517 IBM WebSphere Application Server跨站脚本漏洞 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 21456 BEA WebLogic JSESSIONID Cookie Value Overflow Vulnerability Modified: 21517 IBM WebSphere Application Server Cross-Site Scripting Vulnerability
发布时间：2013-09-05 15:55:56

名称： eoi.unify.rulepatch.5.6.7.328.rule	版本：5.6.7.328
MD5：dc43f188c3d2fd157b8888bcdbe4355d	大小：9.33M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22834 Exodesk PHP桌面平台faq.php id参数SQL注入(FullAspSite) 修改: 40479 木马后门程序Bigorna木马通信 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22834 Exodesk PHP Desk faq.php id Parameter SQL Injection (FullAspSite) Modified: 40479 Backdoor/Trojan Bigorna Communication
发布时间：2013-08-29 19:00:00

名称： eoi.unify.rulepatch.5.6.7.327.rule	版本：5.6.7.327
MD5：49fc2a1b8406872e4b15aad4ccfedcf8	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22839 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3191)(MS13-059) 新增: 22837 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3188) (MS13-059) 新增: 22838 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3189)(MS13-059) 新增: 22842 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3199)(MS13-059) 新增: 22840 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3193) (MS13-059) 新增: 22841 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3194)(MS13-059) 新增: 22835 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3184)(MS13-059 ) 修改: 50099 网络游戏平台中国游戏中心登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22839 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3191)(MS13-059) Added: 22837 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3188)(MS13-059) Added: 22838 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3189)(MS13-059) Added: 22842 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3199)(MS13-059) Added: 22840 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3193)(MS13-059) Added: 22841 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3194)(MS13-059) Added: 22835 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3184)(MS13-059 ) Modified: 50099 Online Game Platform "chinagames.net" Login
发布时间：2013-08-22 19:09:07

名称： eoi.unify.rulepatch.5.6.7.326.rule	版本：5.6.7.326
MD5：b540f7dd3740c6afa71df4a29182184a	大小：9.97M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22831 Firefox 17 JavaScript 远程代码执行漏洞修改: 50099 网络游戏平台中国游戏中心登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22831 Firefox 17 JavaScript Remote Code Execution Modified: 50099 Online Game Platform "chinagames.net" Login
发布时间：2013-08-15 17:49:46

名称： eoi.unify.rulepatch.5.6.7.325.rule	版本：5.6.7.325
MD5：2915f1fb842e7ddd72eb7f732e9e2e5e	大小：9.83M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22797 Apple Quicktime 7无效Atom长度缓冲区溢出攻击新增: 22799 D-Link Devices UPnP SOAP命令注入新增: 22798 HP Managed Printing Administration jobAcct远程命令执行修改: 50099 网络游戏平台中国游戏中心登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22797 Apple Quicktime 7 Invalid Atom Length Buffer Overflow Added: 22799 D-Link Devices UPnP SOAP Command Execution Added: 22798 HP Managed Printing Administration jobAcct Remote Command Execution Modified: 50099 Online Game Platform "chinagames.net" Login
发布时间：2013-08-08 15:55:37

名称： eoi.unify.rulepatch.5.6.7.324.rule	版本：5.6.7.324
MD5：a276e152c9fee676ff60229cd0bd5552	大小：9.83M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 10352 WordPress crypt_private()远程拒绝服务漏洞新增: 22788 Microsoft Internet Explorer 内存破坏漏洞 (CVE-2013-3146)(MS13-055) 新增: 22791 Microsoft Internet Explorer 内存破环漏洞 (CVE-2013-3150)(MS13-055) 修改: 50099 网络游戏平台中国游戏中心登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 10352 WordPress crypt_private() Remote DoS Vulnerability Added: 22788 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3146)(MS13-055) Added: 22791 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3150)(MS13-055) Modified: 50099 Online Game Platform "chinagames.net" Login
发布时间：2013-08-01 16:07:43

名称： eoi.unify.rulepatch.5.6.7.323.rule	版本：5.6.7.323
MD5：00160956f66fd846a57cb50cab9c6e35	大小：9.82M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 30614 多款Canon打印机远程信息泄露漏洞(CVE-2013-4614) 新增: 22795 ZPanel 10.0.0.2 htpasswd模块用户名命令注入漏洞新增: 22794 LibrettoCMS文件管理器二进制文件上传漏洞新增: 22793 Havalite CMS二进制文件上传漏洞修改: 50054 TELNET服务用户执行su命令 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 30614 Canon Printer Wireless Configuration Disclosure Added: 22795 ZPanel 10.0.0.2 htpasswd Module Username Command Execution Added: 22794 LibrettoCMS File Manager Arbitary File Upload Vulnerability Added: 22793 Havalite CMS Arbitary File Upload Vulnerability Modified: 50054 su Command Execution in TELNET Service
发布时间：2013-07-25 17:52:00

名称： eoi.unify.rulepatch.5.6.7.322.rule	版本：5.6.7.322
MD5：8eaab4b6c8ff138568620aec4b3d93f0	大小：9.82M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 修改: 22796 Apache Struts远程代码执行漏洞 (CVE-2013-2251) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Modified: 22796 Apache Struts Remote Code Execution(CVE-2013-2251)
发布时间：2013-07-19 19:14:51

名称： eoi.unify.rulepatch.5.6.7.319.rule	版本：5.6.7.319
MD5：f5cc44f79c4e219c097eb3a4f4adb9bc	大小：9.79M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.74，升级包导入后引擎会自动重启。规则新增或更新列表: 新增：22769 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3119)(MS13-047) 新增：22771 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3123)(MS13-047) 新增：22772 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3139)(MS13-047) 新增：22770 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3121)(MS13-047) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22769 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3119)(MS13-047) Added: 22771 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3123)(MS13-047) Added: 22772 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3139)(MS13-047) Added: 22770 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3121)(MS13-047)
发布时间：2013-07-11 17:55:11

名称： eoi.unify.rulepatch.5.6.7.318.rule	版本：5.6.7.318
MD5：f09cd33d34fb7c88926e25e5f8122fe0	大小：8.47M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22733 IBM SPSS SamplePower c1sizer ActiveX控件缓冲区溢出漏洞(CVE-2012-5946) 新增: 22764 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3116)(MS13-047) 新增: 22759 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3117)(MS13-047) 新增: 22768 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3118)(MS13-047) 新增: 22763 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3111)(MS13-047) 新增: 22757 Lianja SQL Server 'db_netserver' 远程栈缓冲区溢出漏洞(CVE-2013-3563) 新增: 22762 SevOne网络性能管理应用程序暴力猜测新增: 10345 MiniUPnP SSDP处理程序ProcessSSDPRequest函数拒绝服务漏洞修改: 50054 TELNET服务用户执行su命令 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22733 IBM SPSS SamplePower C1Tab ActiveX Heap Overflow Added: 22764 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3116)(MS13-047) Added: 22759 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3117)(MS13-047) Added: 22768 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3118)(MS13-047) Added: 22763 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3111)(MS13-047) Added: 22757 Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow Added: 22762 SevOne Network Performance Management Application Brute Force Login Utility Added: 10345 MiniUPnPd 1.4 Denial of Service (DoS) Exploit Modified: 50054 su Command Execution in TELNET Service
发布时间：2013-07-04 15:59:28

名称： eoi.unify.rulepatch.5.6.7.317.rule	版本：5.6.7.317
MD5：a3ca02b359d77f140cbd8a4d38b71136	大小：9.52M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增：22758 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3110)(MS13-047) 修改：10051 Microsoft SQL Server 2000 Resolution服务远程堆破坏拒绝服务攻击修改：29001 Web服务远程SQL注入攻击可疑行为 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22758 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3110)(MS13-047) Modified: 10051 Microsoft SQL Server 2000 Resolution Service Remote Heap Corruption Denial of Service Modified: 29001 Web Service Remote SQL Injection Suspicious Behavior
发布时间：2013-06-27 17:48:36

名称： eoi.unify.rulepatch.5.6.7.316.rule	版本：5.6.7.316
MD5：c4b86db6c986fd06846d290b9402bf3c	大小：9.54M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22754 EMC AlphaStor LCP缓冲区溢出漏洞新增: 22755 ECshop补丁植入后门窃取敏感信息新增: 22738 D-Link DIR615h OS命令注入漏洞新增: 22741 ColdFusion 'password.properties'散列提取新增: 22747 Linksys WRT160nv2 apply.cgi远程命令注入漏洞新增: 22735 Plesk Apache 远程代码执行漏洞新增: 22737 DedeCMS变量注入二次SQL注入漏洞修改: 50054 TELNET服务用户执行su命令 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22754 EMC AlphaStor LCP Buffer Overflow Vulnerability Added: 22755 ECshop Patch Implant Back Door Steal Sensitive Information Added: 22738 D-Link DIR615h OS Command Injection Added: 22741 ColdFusion 'password.properties' Hash Extraction Added: 22747 Linksys WRT160nv2 apply.cgi Remote Command Injection Added: 22735 Plesk Apache Remote Code Execution Vulnerability Added: 22737 Dedecms Variable Secondary Use SQL Injection Vulnerability Modified: 50054 su Command Execution in TELNET Service
发布时间：2013-06-21 02:27:57

名称： eoi.unify.rulepatch.5.6.7.315.rule	版本：5.6.7.315
MD5：240cb35867e7ee2b21ff4f487167034d	大小：10.09M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22726 Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1312)(MS13-037) 新增: 22727 Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1311)(MS13-037) 修改: 50100 网络游戏平台浩方对战登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22726 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability(CVE-2013-1312)(MS13-037) Added: 22727 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability (CVE-2013-1311)(MS13-037) Modified: 50100 Online Game Platform "cga.com.cn" Login
发布时间：2013-06-13 17:23:21

名称： eoi.unify.rulepatch.5.6.7.314.rule	版本：5.6.7.314
MD5：f576c9328d35dee309f27e8ac12ffef1	大小：10.09M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22731 Ruby on Rails 远程代码执行漏洞利用(CVE-2013-0156) 新增: 22728 Java 7 SE 内存破坏远程代码执行漏洞(CVE-2013-1491) 新增: 22725 Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1309)(MS13-037) 新增: 22724 Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1307)(MS13-037) 新增: 10443 Microsoft Windows 'HTTP.sys'远程拒绝服务漏洞 (CVE-2013-1305)(MS13-039) 修改: 50100 网络游戏平台浩方对战登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22731 Ruby on Rails Remote Code Execution Vulnerability(CVE-2013-0156) Added: 22728 Java 7 SE Memory Corruption Remote Code Execution Vulnerability(CVE-2013-1491) Added: 22725 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability(CVE-2013-1309)(MS13-037) Added: 22724 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability (CVE-2013-1307)(MS13-037) Added: 10443 Microsoft Windows HTTP.sys Remote Denial of Service Vulnerability(CVE-2013-1305)(MS13-039) Modified: 50100 Online Game Platform "cga.com.cn" Login
发布时间：2013-06-06 15:19:26

名称： eoi.unify.rulepatch.5.6.7.313.rule	版本：5.6.7.313
MD5：557683962b8349e4cf94b8f1b7f5228e	大小：10.05M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22723 UCenter Home 2.0 musicbox 插件SQL注入漏洞新增: 22722 Apache Struts2远程代码执行漏洞(S2-013) 新增: 22718 DVRHOST PDVRATL.DLL ActiveX控件堆缓冲区溢出漏洞新增: 22719 Namo Web Editor 'NamoInstaller.dll' ActiveX控件任意命令执行漏洞新增: 22720 Microsoft SQL Server分布式管理系统缓冲区溢出漏洞新增: 22721 iMesh 'IMWebControl' ActiveX远程堆溢出漏洞新增: 22716 Microsoft Internet Explorer JSON 数组信息泄露漏洞(CVE-2013-1297)(MS13-037) 新增: 22717 雅虎Music Jukebox AddImage Function ActiveX控件远程栈溢出攻击修改: 50100 网络游戏平台浩方对战登录 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22723 UCenter Home 2.0 musicbox Plugin SQL Injection Vulnerability Added: 22722 Apache Struts2 Remote Command Execution(S2-013) Added: 22718 DVRHOST PDVRATL.DLL ActiveX Remote Buffer Overflow Vulnerability Added: 22719 Namo Web Editor 'NamoInstaller.dll' ActiveX Control Arbitrary Command Execution Vulnerability Added: 22720 Microsoft SQL Server Distributed Management Objects Buffer Overflow Vulnerability Added: 22721 iMesh 'IMWebControl' ActiveX Remote Heap Overflow Vulnerability Added: 22716 Microsoft Internet Explorer JSON Array Information Disclosure Vulnerability (CVE-2013-1297) Added: 22717 Yahoo! Music Jukebox AddImage Function ActiveX Remote Buffer Overflow Vulnerability Modified: 50100 Online Game Platform "cga.com.cn" Login
发布时间：2013-05-30 17:21:09

名称： eoi.unify.rulepatch.5.6.7.312.rule	版本：5.6.7.312
MD5：b794b82afa0090547e01434d83531082	大小：10.06M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22714 Adobe ColdFusion /CFIDE/adminapi/customtags/l10n.cfm 目录遍历漏洞 (CVE-2013-3336) 新增: 22715 APT/Crime Pack网络攻击流量特征新增: 22708 Microsoft IE 8浏览器恶意代码攻击修改: 21395 Microsoft XML核心服务XMLHTTP控件内存破坏漏洞修改: 21420 Microsoft IE非法事件操作内存破坏漏洞(MS10-002) 修改: 50158 Telnet服务IAC选项炸弹攻击 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22714 Adobe ColdFusion /CFIDE/adminapi/customtags/l10n.cfm Directory Traversal Vulnerability(CVE-2013-3336) Added: 22715 APT/Crime Pack Network Attack Traffic Characteristics Added: 22708 Microsoft IE 8 Browser Malicious Code Attack Modified: 21395 Microsoft XML Core Server XMLHTTP Control Memory Corruption Vulnerability Modified: 21420 Microsoft IE Illegal Event Operation Memory Corruption Vulnerability(MS10-002) Modified: 50158 Telnet Service IAC Option Bomb
发布时间：2013-05-23 17:19:03

名称： eoi.unify.rulepatch.5.6.7.311.rule	版本：5.6.7.311
MD5：c62c2e2e8fc921d77076caf1634e5252	大小：10.01M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22708 Microsoft IE 8浏览器恶意代码攻击新增：30610 ColdFusion 9 / 10 远程目录遍历漏洞新增：22712 nginx ngx_http_parse.c chunk处理栈溢出漏洞新增：41046 漏洞扫描器X-Scan CGI漏洞扫描操作新增：41047 Web应用漏洞扫描器Nikto扫描操作新增：21711 Huawei AR系列路由器SNMPv3 缓冲器溢出漏洞新增：21712 nginx ngx_http_parse.c chunk处理栈溢出漏洞新增：22707 Microsoft IE 8释放后重用远程代码执行漏洞(CVE-2013-1347) NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22708 Microsoft IE 8 Browser Malicious Code Attack Added: 30610 ColdFusion 9 / 10 Remote Directory Traversal Vulnerability Added: 22712 nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability Added: 41046 Vulnerability Scanner X-Scan CGI Scan Operation Added: 41047 Web Application Vulnerability Scanner Nikto Scan Operation Added: 22711 Huawei AR Series Router SNMPv3 Buffer Overflows Vulnerability Added: 22712 nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability Added: 22707 Microsoft IE 8 Use After Free Remote Code Execution Vulnerability(CVE-2013-1347)
发布时间：2013-05-16 14:17:09

名称： eoi.unify.rulepatch.5.6.7.310.rule	版本：5.6.7.310
MD5：d0215b56833b070960f838cd8c8b26e2	大小：9.99M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22707 Microsoft IE 8远程代码执行漏洞(CVE-2013-1347) 修改: 50098 Windows系统远程管理工具Remote Administrator用户认证 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22707 Microsoft Internet Explorer Remote Code Execution Vulnerability(CVE-2013-1347) Modified: 50098 Windows Remote Management Tool Remote Administrator Authentication
发布时间：2013-05-04 19:37:31

名称： eoi.unify.rulepatch.5.6.7.309.rule	版本：5.6.7.309
MD5：473534ad1753550c66cc7b42c01b2f54	大小：9.26M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22700 Linksys E1500 URL 重定向漏洞修改: 50147 DB2数据库管理服务回应 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22700 Linksys E1500 URL Redirection Vulnerability Modified: 50147 DB2 Database Management Service Response
发布时间：2013-05-02 15:14:33

名称： eoi.unify.rulepatch.5.6.7.308.rule	版本：5.6.7.308
MD5：f82a85097bc5f9ccaebbe25a43068442	大小：9.26M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 30604 WHMCS grouppay 插件SQL注入漏洞新增: 30605 PHP-AddressBook v6.2.4 SQL 注入漏洞新增: 22698 PHP-AddressBook v6.2.4 跨站脚本漏洞新增: 30603 phpVMS Virtual Airline Administration 'itemid' 参数 SQL注入漏洞新增: 22696 Netgear DGN1000B setup.cgi 远程命令注入漏洞新增: 22697 Linksys E1500/E2500 apply.cgi 远程命令注入漏洞新增: 22695 BigAnt Server 2.97 DDNF 用户名字段溢出漏洞新增: 30602 AXIGEN Mail Server "fileName"任意文件泄露和删除漏洞修改: 50109 网络游戏石器时代客户端连接服务器 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 30604 WHMCS grouppay plugin SQL Injection <= 1.5 Added: 30605 PHP-AddressBook v6.2.4 SQL INJECTION Added: 22698 PHP-AddressBook v6.2.4 XSS Vulnerability Added: 30603 phpVMS Virtual Airline Administration 'itemid' Parameter SQL Injection Vulnerability Added: 22696 Netgear DGN1000B setup.cgi Remote Command Execution Added: 22697 Linksys E1500/E2500 apply.cgi Remote Command Injection Added: 22695 BigAnt Server 2.97 DDNF Username Buffer Overflow Added: 30602 Axigen Arbitrary File Read and Delete Modified: 50109 Online Game "Stone Age"Client Connect Server
发布时间：2013-04-25 17:23:20

名称： eoi.unify.rulepatch.5.6.7.307.rule	版本：5.6.7.307
MD5：f4c7c3b8d7bb28af69f69db2dc9ae192	大小：9.30M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 10341 DDOS工具攻击告警新增: 10342 PostgreSQL远程拒绝服务和代码执行漏洞新增: 22687 MongoDB nativeHelper.apply 远程代码注入漏洞新增: 22688 ESPCMS Cookie ecisp_order_list 参数SQL注入漏洞新增: 22689 Plesk Panel远程命令执行漏洞(CVE-2012-1557) 新增: 22690 Adobe ColdFusion 远程命令执行(APSB13-03) 新增: 22691 Adobe ColdFusion 认证绕过漏洞(APSB13-03) 新增: 22693 Microsoft Remote Desktop ActiveX控件远程代码执行漏洞(CVE-2013-1296)(MS13-029) 新增: 30601 Adobe ColdFusion 目录遍历漏洞(APSB13-03) 新增: 30602 AXIGEN Mail Server "fileName"任意文件泄露和删除漏洞修改: 50101 网络游戏泡泡堂客户端连接服务器 NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 10341 DDOS tool attacking detection Added: 10342 PostgreSQL Denial of Service And Remote Code Execution Vulnerability Added: 22687 MongoDB nativeHelper.apply Remote Code Execution Added: 22688 ESPCMS Cookie ecisp_order_list Parameter SQL Injection Vulnerability Added: 22689 Plesk Panel Remote Command Execution Vulnerability(CVE-2012-1557) Added: 22690 Adobe ColdFusion APSB13-03 Arbitrary Command Execution Added: 22691 Adobe ColdFusion APSB13-03 Authentication Bypass Added: 22693 Microsoft Remote Desktop ActiveX Control Remote Code Execution(CVE-2013-1296)(MS13-029) Added: 30601 Adobe ColdFusion APSB13-03 Directory Traversal Vulnerability Added: 30602 Axigen Arbitrary File Read and Delete Modified: 50101 Online Game "paopaotang" Client Connect Server
发布时间：2013-04-18 16:52:22

名称： eoi.unify.rulepatch.5.6.7.306.rule	版本：5.6.7.306
MD5：8018908577d16456223a40f1d1265335	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 20278 POP3服务AUTH命令超长参数溢出攻击修改: 21328 Oracle Java远程代码执行攻击修改: 22686 Mutiny命令注入漏洞(CVE-2012-3001) 修改: 50170 远程控制管理工具PcAnywhere登录连接 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 20278 POP3 Service AUTH Command Over-Long Parameter Buffer Overflow Modified: 21328 Oracle Java Remote Code Execution Attack Modified: 22686 Mutiny Remote Command Execution(CVE-2012-3001) Modified: 50170 Remote Management Tool PcAnywhere Login Connection
发布时间：2013-04-11 20:00:47

名称： eoi.unify.rulepatch.5.6.7.305.rule	版本：5.6.7.305
MD5：9036168fdde42c62d2903573c47eb813	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22680 Apache Struts ParametersInterceptor远程命令执行新增: 22684 EMC AlphaStor NetWorker命令处理器命令注入漏洞修改: 50054 TELNET服务用户执行su命令 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22680 Apache Struts ParametersInterceptor Remote Code Execution Added: 22684 EMC AlphaStor Device Manager Command Execution Modified: 50054 su Command Execution in TELNET Service
发布时间：2013-04-03 15:52:05

名称： eoi.unify.rulepatch.5.6.7.304.rule	版本：5.6.7.304
MD5：a9468d7bf247a5582c012b9dd1371312	大小：9.95M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.67，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22676 Ruby on Rails attr_protected 远程安全绕过漏洞(CVE-2013-0276) 新增: 22677 PolarPearCms PHP 文件上传漏洞新增: 22678 OpenPLI Webif 任意命令执行漏洞修改: 50035 IMAP服务用户认证成功 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22676 Ruby on Rails attr_protected Security Bypass Vulnerability(CVE-2013-0276) Added: 22677 PolarPearCms PHP File Upload Vulnerability Added: 22678 OpenPLI Webif Arbitrary Command Execution Modified: 50035 IMAP Service User Authentication Success
发布时间：2013-03-28 14:51:40

名称： eoi.unify.rulepatch.5.6.7.303.rule	版本：5.6.7.303
MD5：92004cd74821444f0a89e9f3f2e53438	大小：8.95M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22662 Microsoft Visio Viewer VSD文件格式远程代码执行漏洞(CVE-2013-0079)(MS13-023) 新增: 22663 Microsoft SharePoint 回调函数权限提升漏洞(CVE-2013-0080)(MS13-024) 新增: 22664 Microsoft SharePoint 跨站脚本漏洞(CVE-2013-0083)(MS13-024) 新增: 22665 Microsoft Internet Explorer OnResize 释放后重用远程代码执行漏洞(CVE-2013-0087)(MS13-021) 新增: 22666 Microsoft Internet Explorer saveHistory 释放后重用远程代码执行漏洞(CVE-2013-0088)(MS13-021) 新增: 22667 Microsoft Internet Explorer CMarkupBehavio释放后重用远程代码执行漏洞(CVE-2013-0089)(MS13-021) 新增: 22668 Microsoft Internet Explorer CCaret 释放后重用远程代码执行漏洞(CVE-2013-0090)(MS13-021) 新增: 22669 Microsoft Internet Explorer CElement 释放后重用远程代码执行漏洞(CVE-2013-0091)(MS13-021) 新增: 22670 Microsoft Internet Explorer GetMarkupPtr 释放后重用远程代码执行漏洞(CVE-2013-0092)(MS13-021) 新增: 22671 Microsoft Internet Explorer onBeforeCopy 释放后重用远程代码执行漏洞(CVE-2013-0093)(MS13-021) 新增: 22672 Microsoft Internet Explorer removeChild 释放后重用远程代码执行漏洞(CVE-2013-0094)(MS13-021) 新增: 22674 多个HP LaserJet Pro Printer远程debug telnet shell漏洞(CVE-2012-5215) 新增: 22675 TP-Link 无线路由器后门利用新增: 30598 Microsoft SharePoint 目录遍历漏洞(CVE-2013-0084)(MS13-024) 新增: 30599 Microsoft OneNote 信息泄露漏洞(CVE-2013-0086) (MS13-025) 修改: 50035 IMAP服务用户认证 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22662 Microsoft Visio Viewer VSD File Format Remote Code Execution(CVE-2013-0079)(MS13-023) Added: 22663 Microsoft SharePoint Callback Function Elevation of Privilege (CVE-2013-0080)(MS13-024) Added: 22664 Microsoft SharePoint XSS(CVE-2013-0083)(MS13-024) Added: 22665 Microsoft Internet Explorer OnResize Use After Free Remote Code Execution(CVE-2013-0087)(MS13-021) Added: 22666 Microsoft Internet Explorer saveHistory Use After Free Remote Code Execution(CVE-2013-0088)(MS13-021) Added: 22667 Microsoft Internet Explorer CMarkupBehavio Use After Free Remote Code Execution(CVE-2013-0089)(MS13-021) Added: 22668 Microsoft Internet Explorer CCaret Use After Free Remote Code Execution(CVE-2013-0090)(MS13-021) Added: 22669 Microsoft Internet Explorer CElement Use After Free(CVE-2013-0091)(MS13-021) Added: 22670 Microsoft Internet Explorer GetMarkupPtr Use After Free Remote Code Execution(CVE-2013-0092)(MS13-021) Added: 22671 Microsoft Internet Explorer onBeforeCopy Use After Free Remote Code Execution (CVE-2013-0093)(MS13-021) Added: 22672 Microsoft Internet Explorer removeChild Use After Free Remote Code Execution(CVE-2013-0094)(MS13-021) Added: 22674 HP LaserJet Pro Printer Remote debug telnet shell Backdoor(CVE-2012-5215) Added: 22675 TP-Link Router Backdoor Exploit Added: 30598 Microsoft SharePoint Directory Traversal(CVE-2013-0084)(MS13-024) Added: 30599 Microsoft OneNote Information Disclosure(CVE-2013-0086) (MS13-025) Modified: 50035 IMAP Service User Authentication
发布时间：2013-03-21 15:52:41

名称： eoi.unify.rulepatch.5.6.7.301.rule	版本：5.6.7.301
MD5：789e0879a0effcd600c6501db652ce31	大小：9.87M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22652 Movable Type Web 升级模块远程代码执行漏洞新增: 22653 php-Charts 'url.php'任意PHP代码执行漏洞修改: 22639 Microsoft Internet Explorer SLayoutRun释放后重用远程代码执行漏洞（MS13-009） NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22652 Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution Added: 22653 PHP-Charts v1.0 PHP Code Execution Vulnerability Modified: 22639 Microsoft Internet Explorer SLayoutRun Use After Free Remote Code Excuted(MS13-009)
发布时间：2013-03-07 16:13:01

名称： eoi.unify.rulepatch.5.6.7.300.rule	版本：5.6.7.300
MD5：2ed1a6e111b528400a69fb50ef5afcce	大小：9.85M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22647 EMC NetWorker 'nsrindexd' RPC服务缓冲区溢出漏洞新增: 22633 Microsoft Internet Explorer SetCapture释放后重用远程代码执行漏洞（MS13-009）新增: 22634 Microsoft Internet Explorer COmWindowProxy释放后重用远程代码执行漏洞（MS13-009）新增: 22635 Microsoft Internet Explorer CMarkup释放后重用远程代码执行漏洞（MS13-009）新增: 22636 Microsoft Internet Explorer vtable释放后重用远程代码执行漏洞（MS13-009）新增: 22637 Microsoft Internet Explorer LsGetTrailInfo释放后重用远程代码执行漏洞（MS13-009）新增: 22638 Microsoft Internet Explorer pasteHTML释放后重用远程代码执行漏洞（MS13-009）新增: 22639 Microsoft Internet Explorer SLayoutRun释放后重用远程代码执行漏洞（MS13-009）新增: 22640 Microsoft Internet Explorer CPasteComma释放后重用远程代码执行漏洞（MS13-009）新增: 22641 Microsoft Internet Explorer CObjectElem释放后重用远程代码执行漏洞（MS13-009）新增: 22642 Microsoft Internet Explorer CHTML 释放后重用远程代码执行漏洞（MS13-009）新增: 22643 Microsoft Internet Explorer Vector Markup Language 内存破坏漏洞(CVE-2013-0030)(MS13-010) 新增: 22644 Microsoft DirectShow 远程代码执行漏洞(CVE-2013-0077) (MS13-011) 新增: 22645 Microsoft Windows Object Linking and Embedding (OLE) Automation远程代码执行漏洞(MS13-020) NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22647 EMC NetWorker 'nsrindexd' RPC Service Buffer Overflow Vulnerability Added: 22633 Microsoft Internet Explorer SetCapture Use After Free Remote Code Execution（MS13-009） Added: 22634 Microsoft Internet Explorer COmWindowProxy Use After Free Remote Code Execution（MS13-009） Added: 22635 Microsoft Internet Explorer CMarkup Use After Free Remote Code Execution（MS13-009） Added: 22636 Microsoft Internet Explorer vtable Use After Free Remote Code Execution（MS13-009） Added: 22637 Microsoft Internet Explorer LsGetTrailInfo Use After Free Remote Code Execution（MS13-009） Added: 22638 Microsoft Internet Explorer pasteHTML Use After Free Remote Code Execution（MS13-009） Added: 22639 Microsoft Internet Explorer SLayoutRun Use After Free Remote Code Excuted(MS13-009) Added: 22640 Microsoft Internet Explorer CPasteComma Use After Free Remote Code Execution（MS13-009） Added: 22641 Microsoft Internet Explorer CObjectElem Use After Free Remote Code Execution（MS13-009） Added: 22642 Microsoft Internet Explorer CHTML Use After Free Remote Code Execution（MS13-009） Added: 22643 Microsoft Internet Explorer Vector Markup Language Memory Corruption(CVE-2013-0030)(MS13-010) Added: 22644 Microsoft DirectShow Remote Code Execution(CVE-2013-0077) (MS13-011) Added: 22645 Microsoft Windows Object Linking and Embedding (OLE) Automation Remote Code Execution(MS13-020)
发布时间：2013-02-28 16:36:20

名称： eoi.unify.rulepatch.5.6.7.299.rule	版本：5.6.7.299
MD5：c72ebf2dfd933e8e77e86cf3b0a05897	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22615 PHPCMS V9版本帐号管理页面POST参数SQL注入漏洞 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22615 PHPCMS V9 Account Manage POST Parameter SQL Injection Vulnerability
发布时间：2013-02-21 14:51:41

名称： eoi.unify.rulepatch.5.6.7.298.rule	版本：5.6.7.298
MD5：5675ddc21db3113c30983d5987caec28	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 10338 Microsoft Windows SSL远程拒绝服务漏洞（MS04-011） NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 10338 Microsoft Windows SSL Remote DoS Vulnerability
发布时间：2013-02-14 09:56:25

名称： eoi.unify.rulepatch.5.6.7.297.rule	版本：5.6.7.297
MD5：43061f80c84e2ddae78d9e030237e3ce	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22630 Icinga history.cgi "show_history()" 缓冲区溢出漏洞 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22630 Icinga history.cgi "show_history()" Buffer Overflow Vulnerability
发布时间：2013-02-07 08:45:44

名称： eoi.unify.rulepatch.5.6.7.296.rule	版本：5.6.7.296
MD5：81b6e39dc77df186f890e3b9bbf6a2fe	大小：9.96M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 30590 Web应用漏洞扫描工具WebInspect扫描操作 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 30590 Web Application Vulnerability Scanner WebInspect Scan Operation
发布时间：2013-02-01 18:32:42

名称： eoi.unify.rulepatch.5.6.7.295.rule	版本：5.6.7.295
MD5：f88a08f7935429c956303124997d3a47	大小：9.90M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22625 MoinMoin action/twikidraw.py和action/anywikidraw.py任意代码执行漏洞新增: 30586 BigAnt IM Server SHU请求SQL注入漏洞 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22625 MoinMoin action/twikidraw.py action/anywikidraw.py Remote Code Execution Vulnerability Added: 30586 BigAnt IM Server SHU request SQL injection vulnerability
发布时间：2013-01-25 18:29:55

名称： eoi.unify.rulepatch.5.6.7.294.rule	版本：5.6.7.294
MD5：add96ce1168919b4f1664fe22fe8c2bd	大小：9.79M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22616 Symantec Messaging Gateway任意文件下载漏洞新增: 22617 Foswiki MAKETEXT远程命令执行漏洞新增: 22619 WordPress Asset-Manager PHP 文件上传漏洞新增: 22620 WordPress WP-Property PHP 文件上传漏洞 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: Added: 22616 Symantec Messaging Gateway 9.5 Log File Download Vulnerability Added: 22617 Foswiki MAKETEXT Remote Command Execution Added: 22619 WordPress Asset-Manager PHP File Upload Vulnerability Added: 22620 WordPress WP-Property PHP File Upload Vulnerability
发布时间：2013-01-17 18:03:45

名称： eoi.unify.rulepatch.5.6.7.293.rule	版本：5.6.7.293
MD5：379db7aca76eb638cb4c31eaea513c7e	大小：9.78M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22621 Oracle Java 7 JmxMBeanServer类远程代码执行漏洞 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: New: 22621 Oracle Java 7 JmxMBeanServer Remote Code Execution
发布时间：2013-01-12 15:05:12

名称： eoi.unify.rulepatch.5.6.7.292.rule	版本：5.6.7.292
MD5：ca96efc6ed68960521681225886b737c	大小：9.76M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22618 CVE-2013-0010 System Center Operations Manager Web Console XSS漏洞(MS13-003) 新增: 10337 CVE-2013-0005 Open Data Protocol Replace拒绝服务漏洞(MS13-007) 新增: 20612 TrackerCam PHP参数远程缓冲区溢出攻击新增: 20613 SGI IRIX lpsched远程命令执行攻击修改: 50140 PPTV网络电视流媒体播放(TCP) 修改: 50193 PPTV网络电视流媒体播放(UDP) 修改: 50158 Telnet服务IAC选项炸弹攻击 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart. List of added or modified signatures: New: 22618 CVE-2013-0010 System Center Operations Manager Web Console XSS Vulnerability(MS13-003) New: 10337 CVE-2013-0005 Open Data Protocol Replace Denial of Service Vulnerability(MS13-007) New: 20612 TrackerCam PHP Parameter Remote Buffer Overflow New: 20613 SGI IRIX lpsched Remote Command Execution Modify: 50140 PPTV Network TV Streaming Media Playing (TCP) Modify: 50193 PPTV Network TV Streaming Media Playing (UDP) Modify: 50158 Telnet Service IAC Option Bomb
发布时间：2013-01-10 16:54:50

名称： eoi.unify.rulepatch.5.6.7.291.rule	版本：5.6.7.291
MD5：9cff605f2dff0dca57720f47e8741265	大小：10.19M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22609 Microsoft IE mshtml!CDwnBindInfo对象释放后重用代码执行漏洞新增: 22607 PHPCMS V9版poster_click函数SQL注入漏洞 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported engine will automatically restart. List of added or modified signatures: New: 22609 Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerability New: 22607 PHPCMS V9 poster_click function SQL injection vulnerability
发布时间：2012-12-31 14:10:55

名称： eoi.unify.rulepatch.5.6.7.290.rule	版本：5.6.7.290
MD5：bd175d838f93501d570608c2d7b36214	大小：10.17M
描述：绿盟科技NIDS/NIPS产品规则升级包，本升级包依赖引擎升级包5.6.7.62，升级包导入后引擎会自动重启。规则新增或更新列表: 新增: 22602 Nagios XI 网络监控器Graph Explorer组件命令注入漏洞新增: 22603 Splunk 5.0 用户自定义程序远程执行漏洞新增: 22606 WordPress 多个CMSMasters主题'upload.php'任意文件上传漏洞 NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported，engine will automatically restart. List of added or modified signatures: New: 22602 Nagios XI Network Monitor Graph Explorer Component Command Injection New: 22603 Splunk 5.0 Custom App Remote Code Execution New: 22606 Clockstone and other CMSMasters Theme File Upload Vulnerabilities
发布时间：2012-12-27 17:31:42

名称： eoi.unify.rulepatch.5.6.7.289.rule	版本：5.6.7.289
MD5：96ce19cf17248f6a52555be275f22dca	大小：6.40M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 新增: 22599 OracleMySQL/MariaDB acl_get()和check_grant_db_routine()函数缓冲区溢出漏洞新增: 22600 HP Data Protector DtbClsLogin缓冲区溢出漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update: New: 22599 OracleMySQL/MariaDB acl_get() and check_grant_db_routine() function buffer overflow vulnerability New: 22600 HP Data Protector DtbClsLogin Buffer Overflow
发布时间：2012-12-20 15:44:22

名称： eoi.unify.rulepatch.5.6.7.288.rule	版本：5.6.7.288
MD5：64fdbfbd3641d73981d5802e8f3a00f4	大小：6.46M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 新增: 22593 CVE-2012-1537 Microsoft DirectPlay堆溢出漏洞(MS12-082) 新增: 22594 CVE-2012-2539 Microsoft Word RTF 'listoverridecount'远程代码执行漏洞(MS12-079) 新增: 22595 CVE-2012-2556 Microsoft OpenType字体解析漏洞(MS12-078) 新增: 22596 CVE-2012-4774 Microsoft Windows文件名解析漏洞(MS12-081) 新增: 22597 CVE-2012-4786 Microsoft TrueType字体解析漏洞(MS12-078) 新增: 22598 CVE-2012-4787 Microsoft Internet Explorer Improper Ref Counting释放后重用漏洞(MS12-077) NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update: New: 22593 CVE-2012-1537 Microsoft DirectPlay Heap Overflow Vulnerability(MS12-082) New: 22594 CVE-2012-2539 Microsoft Word RTF 'listoverridecount' Remote Code Execution Vulnerability(MS12-079) New: 22595 CVE-2012-2556 Microsoft OpenType Font Parsing Vulnerability(MS12-078) New: 22596 CVE-2012-4774 Microsoft Windows Filename Parsing Vulnerability(MS12-081) New: 22597 CVE-2012-4786 Microsoft TrueType Font Parsing Vulnerability(MS12-078) New: 22598 CVE-2012-4787 Microsoft Internet Explorer Improper Ref Counting Use After Free Vulnerability(MS12-077)
发布时间：2012-12-11 16:17:08

名称： eoi.unify.rulepatch.5.6.7.287.rule	版本：5.6.7.287
MD5：10386772e5ad709ede163ebfb636719a	大小：6.46M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 新增: 22588 Samsung打印机固件管理账号后门 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update: New: 22588 Samsung printer firmware management account backdoor
发布时间：2012-12-06 17:08:59

名称： eoi.unify.rulepatch.5.6.7.286.rule	版本：5.6.7.286
MD5：e1a4c90229b19477955ce6c9885aa094	大小：6.51M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 新增: 22532 WordPress plugin Foxypress uploadify.php任意代码执行漏洞新增: 22529 Bitweaver多个跨站脚本执行和本地文件包含漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update: New: 22532 WordPress plugin Foxypress uploadify.php Arbitrary Code Execution Vulnerability New: 22529 Bitweaver multiple Cross Site Scripting and Local File Inclusion Vulnerability
发布时间：2012-11-29 15:17:30

名称： eoi.unify.rulepatch.5.6.7.285.rule	版本：5.6.7.285
MD5：df7625d99ec85e1c09a497fa41accb50	大小：6.47M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 新增: 22504 Oracle Network Authentication组件远程代码执行漏洞新增: 22506 Invision Power Board le 3.3.4 unserialize() PHP代码执行漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update: New: 22504 Oracle Network Authentication Component Remote Code Execution Vulnerability New: 22506 Invision Power Board le 3.3.4 unserialize () PHP Code Execution Vulnerability
发布时间：2012-11-22 16:50:21

名称： eoi.unify.rulepatch.5.6.7.284.rule	版本：5.6.7.284
MD5：71db4d5acdba11f2331ce3a51c8fefdd	大小：6.46M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 新增: 22507 CVE-2012-1538 Microsoft Internet Explorer CFormElement释放后重用漏洞(MS12-071) 新增: 22508 CVE-2012-1539 Microsoft Internet Explorer CTreePos释放后重用漏洞(MS12-071) 新增: 22509 CVE-2012-1885 Microsoft Excel SerAuxErrBar堆溢出漏洞(MS12-076) 新增: 22510 CVE-2012-1886 Microsoft Excel内存破坏漏洞(MS12-076) 新增: 22511 CVE-2012-1887 Microsoft Excel SST Invalid Length释放后重用漏洞(MS12-076) 新增: 22512 CVE-2012-2543 Microsoft Excel栈溢出漏洞(MS12-076) 新增: 22513 CVE-2012-2897 Microsoft Windows字体解析漏洞(MS12-075) 新增: 22514 CVE-2012-4775 Microsoft Internet Explorer CTreeNode释放后重用漏洞(MS12-071) NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update: New: 22507 CVE-2012-1538 Microsoft Internet Explorer CFormElement Use After Free Vulnerability(MS12-071) New: 22508 CVE-2012-1539 Microsoft Internet Explorer CTreePos Use After Free Vulnerability(MS12-071) New: 22509 CVE-2012-1885 Microsoft Excel SerAuxErrBar Heap Overflow Vulnerability(MS12-076) New: 22510 CVE-2012-1886 Microsoft Excel Memory Corruption Vulnerability(MS12-076) New: 22511 CVE-2012-1887 Microsoft Excel SST Invalid Length Use After Free Vulnerability(MS12-076) New: 22512 CVE-2012-2543 Microsoft Excel Stack Overflow Vulnerability(MS12-076) New: 22513 CVE-2012-2897 Microsoft Windows Font Parsing Vulnerability(MS12-075) New: 22514 CVE-2012-4775 Microsoft Internet Explorer CTreeNode Use After Free Vulnerability(MS12-071)
发布时间：2012-11-14 15:46:48

名称： eoi.unify.rulepatch.5.6.7.282.rule	版本：5.6.7.282
MD5：7352b19ef0d22b61c1c8d6bcd751fdf2	大小：6.19M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 新增: 30582 H3C及Huawei SNMP访问控制信息泄露漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update: New: 30582 HP/H3C and Huawei SNMP Weak Access to Critical Data
发布时间：2012-11-08 17:30:13

名称： eoi.unify.rulepatch.5.6.7.281.rule	版本：5.6.7.281
MD5：a035644a30a2cda6dfb7a3ec51d4819b	大小：6.11M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 新增: 22487 Oracle Database身份验证协议离线口令破解漏洞修改: 30580 Shopex Cookie选项SQL注入漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above. .Signature Set Update: New: 22487 Oracle Database Authentication ProtocolSecurity Bypass Vulnerability Modify: 30580 Shopex Cookie Option SQL Injection Vulnerability
发布时间：2012-11-01 17:05:11

名称： eoi.unify.rulepatch.5.6.7.280.rule	版本：5.6.7.280
MD5：f66ee0c7be85696c9b46697a5bdccf14	大小：6.11M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。规则更新列表如下: 修改: 30580 Shopex Cookie选项SQL注入漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update: Modify: 30580 Shopex Cookie Option SQL Injection Vulnerability
发布时间：2012-10-26 19:35:30

名称： eoi.unify.rulepatch.5.6.7.279.rule	版本：5.6.7.279
MD5：b185923fef443d8e3af20bc2fe124223	大小：6.06M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 增加英文版本帮助文档 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: increase the help document of English version
发布时间：2012-10-26 10:16:14

名称： eoi.unify.rulepatch.5.6.7.278.rule	版本：5.6.7.278
MD5：7388036129cf108d7e5216d785a46057	大小：5.88M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 22482 InduSoft Web Studio 任意上传远程代码执行漏洞新增: 22483 Avaya WinPMD UniteHostRouter 缓冲区溢出漏洞新增: 22485 QNX QCONN 远程命令执行漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: New: 22482 InduSoft Web Studio Arbitrary Upload Remote Code Execution New: 22483 Avaya WinPMD UniteHostRouter Buffer Overflow New: 22485 QNX QCONN Remote Command Execution Vulnerability
发布时间：2012-10-25 15:07:29

名称： eoi.unify.rulepatch.5.6.7.277.rule	版本：5.6.7.277
MD5：a09f9f8356fc54ee7bb715bd291c3199	大小：5.72M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 30579 Indusoft WebStudio NTWebServer 远程文件存取新增: 22480 Auxilium RateMyPet 任意文件上传漏洞新增: 22477 CVE-2012-2552 Microsoft SQL Server Report Manager CVE-2012-2552 跨站脚本攻击漏洞（MS12-070）新增: 22481 Firefox 7/8 (8.0.1) nsSVGValue Out-of-Bounds 存取漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: New: 30579 Indusoft WebStudio NTWebServer Remote File Access New: 22480 Auxilium RateMyPet Arbitrary File Upload Vulnerability New: 22477 CVE-2012-2552 Microsoft SQL Server Report Manager CVE-2012-2552 Cross Site Scripting Vulnerability(MS12-070) New: 22481 Firefox 7/8 (8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability
发布时间：2012-10-18 16:10:40

名称： eoi.unify.rulepatch.5.6.7.276.rule	版本：5.6.7.276
MD5：6623cee1805acac054fad8c81d687efc	大小：5.72M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 22470 phpMyAdmin server_sync.php 远程后门漏洞新增: 22471 qdPM v7 任意PHP文件上传漏洞新增: 22472 Oracle Business Transaction Management FlashTunnelService 远程代码执行漏洞新增: 22473 Adobe RoboHelp Server 8 任意文件上传执行新增: 22474 Avid Media Composer 5.5 - Avid Phonetic Indexer 缓冲区溢出漏洞新增: 22475 Energizer DUO Trojan 代码执行新增: 22476 FileWrangler 5.30 缓冲区溢出漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: New: 22470 phpMyAdmin server_sync.php remote backdoor vulnerability New: 22471 qdPM v7 Arbitrary PHP File Upload Vulnerability New: 22472 Oracle Business Transaction Management FlashTunnelService Remote Code Execution New: 22473 Adobe RoboHelp Server 8 Arbitrary File Upload and Execute New: 22474 Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow New: 22475 Energizer DUO Trojan Code Execution New: 22476 FileWrangler 5.30 Stack Buffer Overflow
发布时间：2012-10-11 12:22:15

名称： eoi.unify.rulepatch.5.6.7.275.rule	版本：5.6.7.275
MD5：2ed5cb3690c8fd0fbebc8bb52a82c14a	大小：5.72M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 22466 Microsoft IE OnMove释放后重用远程代码执行漏洞新增: 22467 Microsoft IE事件监听器释放后重用远程代码执行漏洞新增: 22468 Microsoft IE布局释放后重用远程代码执行漏洞新增: 22469 Microsoft IE cloneNode释放后重用远程代码执行漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: New: 22466 Microsoft Internet Explorer 8 and 9 OnMove Use After Free Remote Code Execution Vulnerability New: 22467 Microsoft Internet Explorer 8 and 9 Event Listener Use After Free Remote Code Execution Vulnerability New: 22468 Microsoft Internet Explorer 8 and 9 Layout Use After Free Remote Code Execution Vulnerability New: 22469 Microsoft Internet Explorer 8 and 9 cloneNode Use After Free Remote Code Execution Vulnerability
发布时间：2012-10-04 08:41:20

名称： eoi.unify.rulepatch.5.6.7.274.rule	版本：5.6.7.274
MD5：dece6ba82475c89fd3af7e056aad6dc8	大小：5.72M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 22470 phpMyAdmin server_sync.php 远程后门漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: New: 22470 phpMyAdmin server_sync.php remote backdoor vulnerability
发布时间：2012-09-26 18:55:08

名称： eoi.unify.rulepatch.5.6.7.271.rule	版本：5.6.7.271
MD5：38094100e8e5503ce7eb3bef3e76d5c4	大小：5.71M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 22463 Microsoft IE 6/7/8/9 execCommand函数远程代码执行漏洞 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: New: 22463 Microsoft IE 6/7/8/9 execCommand function Remote Execution
发布时间：2012-09-18 17:57:06

名称： eoi.unify.rulepatch.5.6.7.269.rule	版本：5.6.7.269
MD5：390dc24add970a52633b4ba362bc0683	大小：5.36M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 22452 CVE-2012-2536 Microsoft System Center Configuration Manager反射型跨站脚本漏洞(MS12-062) 新增: 22453 CVE-2012-1892 Microsoft Visual Studio Team Foundation Server跨站脚本漏洞(MS12-061) NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: New: 22452 CVE-2012-2536 Microsoft System Center Configuration Manager Reflected XSS Vulnerability(MS12-062) New: 22453 CVE-2012-1892 Microsoft Visual Studio Team Foundation Server XSS Vulnerability(MS12-061)
发布时间：2012-09-12 14:58:49

名称： eoi.unify.rulepatch.5.6.7.267.rule	版本：5.6.7.267
MD5：ab80a71051a2cd6586b12c2a05cbd16b	大小：5.36M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 50460 远程控制工具TeamViewer连接新增: 22401 MODBUS TCP-强制监听模式新增: 22402 MODBUS TCP-功能代码扫描新增: 22403 MODBUS TCP-点列表扫描新增: 22404 MODBUS TCP-应答异常代码延迟新增: 22405 HTTP蠕虫熊猫烧香下载恶意代码 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Import rules upgrade package need to import 5.6.7.39 engine upgrade package,Signature Set Update: New: 50460 Remote Control Tool TeamViewer Connection New: 22401 Modbus TCP Force Listen Only Mode New: 22402 Modbus TCP Function Code Scan New: 22403 Modbus TCP Points List Scan New: 22404 Modbus TCP Acknowledge Exception Code Delay New: 22405 HTTP Worm Panda Burn Incense download malicious code
发布时间：2012-09-06 17:44:53

名称： eoi.unify.rulepatch.5.6.7.266.rule	版本：5.6.7.266
MD5：ea1bdca5ea4940078b59c73d62ca488a	大小：5.36M
描述：绿盟NIDS/NIPS规则升级文件，适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下: 新增: 22431 Java 7 Applet远程代码执行漏洞新增: 22432 Apache Struts2 Skill名称远程代码执行漏洞新增: 50459 DNS隧道攻击工具NSTX连接 NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update: New: 22431 Java 7 Applet Remote Code Execution Vulnerability New: 22432 Apache Struts2 Skill Name Remote Code Execution Vulnerability New: 50459 DNS tunnel attack tool NSTX connect
发布时间：2012-08-28 18:30:40

名称： eoi.unify.rulepatch.5.6.7.265.rule	版本：5.6.7.265
MD5：81fa54fcd576f205be93b33301c251e6	大小：5.34M
描述：新增: 22416 Symantec Web Gateway 5.0.2.18 pbcontrol.php代码注入漏洞新增: 22417 Zenoss 3 showDaemonXMLConfig代码执行漏洞新增: 22418 CuteFlow v2.11.2任意文件上传漏洞新增: 22419 WebPageTest任意PHP文件上传漏洞新增: 22420 EGallery PHP文件上传漏洞新增: 22421 Cisco Linksys PlayerPT ActiveX控件缓冲区溢出漏洞新增: 22422 Cisco Linksys PlayerPT ActiveX Control SetSource sURL参数缓冲区溢出漏洞新增: 22423 Dell SonicWALL (Plixer) Scrutinizer 9 SQL注入漏洞新增: 22424 Simple Web Server Connection Header缓冲区溢出漏洞新增: 22425 Microsoft Office SharePoint Server 2007远程代码执行漏洞新增: 22426 Novell ZENworks Configuration Management Preboot Service 0x21缓冲区溢出漏洞新增: 22427 Novell ZENworks Configuration Management Preboot Service 0x4c缓冲区溢出漏洞新增: 22428 Novell ZENworks Configuration Management Preboot Service 0x06缓冲区溢出漏洞新增: 22429 Novell ZENworks Configuration Management Preboot Service 0x6c缓冲区溢出漏洞新增: 22353 Citect SCADA ODBC服务器远程栈溢出漏洞新增: 22354 RealWin SCADA服务器远程栈溢出漏洞新增: 22355 Winlog Pro畸形报文栈缓冲区溢出漏洞新增: 22356 WonderWare SuiteLink slssvc.exe远程拒绝服务漏洞新增: 22357 ClearSCADA堆溢出漏洞新增: 22358 Invensys Wonderware InBatch lm_tcp服务缓冲区溢出漏洞新增: 22359 Ecava IntegraXor目录遍历漏洞新增: 22360 RealWin特制报文处理多个栈溢出漏洞新增: 22361 Intellicom HMS HICP协议Hostname字段缓冲区溢出漏洞新增: 22362 WellinTech KingView HistorySvr.exe堆缓冲区溢出漏洞新增: 22363 NetBiter webSCADA目录遍历漏洞新增: 22364 VxWorks信息泄露漏洞新增: 22365 Automated Solutions Modbus/TCP Master OPC Server堆缓冲区溢出漏洞新增: 22366 IGSS SCADA系统目录遍历和下载漏洞新增: 22367 IGSS SCADA系统目录遍历上传和覆盖漏洞新增: 22368 IGSS SCADA ListAll Function缓冲区溢出漏洞新增: 22369 IGSS SCADA Write File Function缓冲区溢出漏洞新增: 22370 IGSS SCADA ReadFile Function缓冲区溢出漏洞新增: 22371 IGSS SCADA Delete Function缓冲区溢出漏洞新增: 22372 IGSS SCADA RenameFile Function缓冲区溢出漏洞新增: 22374 IGSS SCADA FileInfo Function缓冲区溢出漏洞新增: 22375 IGSS SCADA RMS Report Add Command缓冲区溢出漏洞新增: 22376 IGSS SCADA RMS Report Template ReadFile Command缓冲区溢出漏洞新增: 22377 IGSS SCADA RMS Report Template WriteFile Command缓冲区溢出漏洞新增: 22378 IGSS SCADA RMS Report Template Rename Command缓冲区溢出漏洞新增: 22379 IGSS SCADA RMS Report Template Delete Command缓冲区溢出漏洞新增: 22380 IGSS SCADA STDREP Request缓冲区溢出漏洞新增: 22382 RealFlex RealWin SCADA SCPC_TXTEVENT strcpy()缓冲区溢出漏洞新增: 22381 IGSS SCADA dc.exe Server目录遍历任意文件执行漏洞新增: 22384 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CADDTAG缓冲区溢出漏洞新增: 22385 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CDELTAG缓冲区溢出漏洞新增: 22386 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_ADDTAGMS缓冲区溢出漏洞新增: 22387 RealFlex RealWin SCADA On_FC_RFUSER_FCS_LOGIN缓冲区溢出漏洞新增: 22388 RealFlex RealWin SCADA On_FC_BINFILE_FCS_FILE缓冲区溢出漏洞新增: 22389 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGBROADCAST缓冲区溢出漏洞新增: 22390 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGSEND缓冲区溢出漏洞新增: 22392 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY缓冲区溢出漏洞新增: 22391 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETTELEMETRY缓冲区溢出漏洞新增: 22393 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETTELEMETRY缓冲区溢出漏洞新增: 22394 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY缓冲区溢出漏洞新增: 22395 RealFlex RealWin SCADA On_FC_SCRIPT_FCS_STARTPROG缓冲区溢出漏洞新增: 22396 Iconics Genesis SCADA释放未初始化的内存触发选项漏洞新增: 22397 Iconics Genesis SCADA整数溢出漏洞新增: 22398 Siemens Tecnomatix FactoryLink CSService CSMSG filter缓冲区溢出漏洞新增: 22399 Siemens Tecnomatix FactoryLink CSService GetFile path缓冲区溢出漏洞新增: 22400 Siemens Tecnomatix FactoryLink CSService GetFileInfo path缓冲区溢出漏洞新增: 22383 RealFlex RealWin SCADA On_FC_CONNECT_FCS_LOGIN缓冲区溢出漏洞 New: 22416 Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection Vulnerability New: 22417 Zenoss 3 showDaemonXMLConfig Command Execution Vulnerability New: 22418 CuteFlow v2.11.2 Arbitrary File Upload Vulnerability New: 22419 WebPageTest Arbitrary PHP File Upload Vulnerability New: 22420 EGallery PHP File Upload Vulnerability New: 22421 Cisco Linksys PlayerPT ActiveX Control Buffer Overflow Vulnerability New: 22422 Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow Vulnerability New: 22423 Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection Vulnerability New: 22424 Simple Web Server Connection Header Buffer Overflow Vulnerability New: 22425 Microsoft Office SharePoint Server 2007 Remote Code Execution Vulnerability New: 22426 Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow Vulnerability New: 22427 Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow Vulnerability New: 22428 Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow Vulnerability New: 22429 Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow Vulnerability New: 22353 Citect SCADA ODBC Server Remote Stack Overflow Vulnerability Vulnerability New: 22354 RealWin SCADA Server Remote Stack Overflow Vulnerability Vulnerability New: 22355 Winlog Pro Malformed Packets Stack Buffer Overflow Vulnerability Vulnerability New: 22356 WonderWare SuiteLink slssvc.exe Remote Denial of Service Vulnerability Vulnerability New: 22357 ClearSCADA Heap Overflow Vulnerability Vulnerability New: 22358 Invensys Wonderware InBatch lm_tcp Service Buffer Overflow Vulnerability Vulnerability New: 22359 Ecava IntegraXor Directory Traversal Vulnerability Vulnerability New: 22360 RealWin Specially Crafted Packet Processing Stack Overflow Vulnerability Vulnerability New: 22361 Intellicom HMS HICP Agreement Hostname Field Buffer Overflow Vulnerability Vulnerability New: 22362 WellinTech KingView HistorySvr.exe Heap Buffer Overflow Vulnerability Vulnerability New: 22363 NetBiter webSCADA Directory Traversal Vulnerability Vulnerability New: 22364 VxWorks Information Disclosure Vulnerability Vulnerability New: 22365 Automated Solutions Modbus/TCP Master OPC Server Heap Buffer Overflow Vulnerability Vulnerability New: 22366 IGSS SCADA System Directory Traversal and Download Vulnerability Vulnerability New: 22367 IGSS SCADA System Directory Traversal Upload and Overwrite Vulnerability Vulnerability New: 22368 IGSS SCADA ListAll Function Buffer Overflow Vulnerability Vulnerability New: 22369 IGSS SCADA Write File Function Buffer Overflow Vulnerability Vulnerability New: 22370 IGSS SCADA ReadFile Function Buffer Overflow Vulnerability Vulnerability New: 22371 IGSS SCADA Delete Function Buffer Overflow Vulnerability Vulnerability New: 22372 IGSS SCADA RenameFile Function Buffer Overflow Vulnerability Vulnerability New: 22374 IGSS SCADA FileInfo Function Buffer Overflow Vulnerability Vulnerability New: 22375 IGSS SCADA RMS Report Add Command Buffer Overflow Vulnerability Vulnerability New: 22376 IGSS SCADA RMS Report Template ReadFile Command Buffer Overflow Vulnerability Vulnerability New: 22377 IGSS SCADA RMS Report Template WriteFile Command Buffer Overflow Vulnerability Vulnerability New: 22378 IGSS SCADA RMS Report Template Rename Command Buffer Overflow Vulnerability Vulnerability New: 22379 IGSS SCADA RMS Report Template Delete Command Buffer Overflow Vulnerability Vulnerability New: 22380 IGSS SCADA STDREP Request Buffer Overflow Vulnerability Vulnerability New: 22382 RealFlex RealWin SCADA SCPC_TXTEVENT strcpy() Buffer Overflow Vulnerability Vulnerability New: 22381 IGSS SCADA dc.exe Server Directory Traversal Arbitrary File Execution Vulnerability Vulnerability New: 22384 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CADDTAG Buffer Overflow Vulnerability Vulnerability New: 22385 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CDELTAG Buffer Overflow Vulnerability Vulnerability New: 22386 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_ADDTAGMS Buffer Overflow Vulnerability Vulnerability New: 22387 RealFlex RealWin SCADA On_FC_RFUSER_FCS_LOGIN Buffer Overflow Vulnerability Vulnerability New: 22388 RealFlex RealWin SCADA On_FC_BINFILE_FCS_FILE Buffer Overflow Vulnerability Vulnerability New: 22389 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGBROADCAST Buffer Overflow Vulnerability Vulnerability New: 22390 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGSEND Buffer Overflow Vulnerability Vulnerability New: 22392 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY Buffer Overflow Vulnerability Vulnerability New: 22391 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETTELEMETRY Buffer Overflow Vulnerability Vulnerability New: 22393 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETTELEMETRY Buffer Overflow Vulnerability Vulnerability New: 22394 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY Buffer Overflow Vulnerability Vulnerability New: 22395 RealFlex RealWin SCADA On_FC_SCRIPT_FCS_STARTPROG Buffer Overflow Vulnerability Vulnerability New: 22396 Iconics Genesis SCADA Freeing of Unitialized Memory Trigger Option Vulnerability Vulnerability New: 22397 Iconics Genesis SCADA Integer Overflow Vulnerability Vulnerability New: 22398 Siemens Tecnomatix FactoryLink CSService CSMSG filter Buffer Overflow Vulnerability Vulnerability New: 22399 Siemens Tecnomatix FactoryLink CSService GetFile path Buffer Overflow Vulnerability Vulnerability New: 22400 Siemens Tecnomatix FactoryLink CSService GetFileInfo path Buffer Overflow Vulnerability Vulnerability New: 22383 RealFlex RealWin SCADA On_FC_CONNECT_FCS_LOGIN Buffer Overflow Vulnerability Vulnerability
发布时间：2012-08-23 18:38:58

名称： eoi.unify.rulepatch.5.6.7.264.rule	版本：5.6.7.264
MD5：93539012e6daebd5f8a0b8eb696b2243	大小：5.33M
描述：新增: 22343 CVE-2012-1526 Microsoft Internet Explorer Layout内存破坏漏洞(MS12-052) 新增: 22344 CVE-2012-1850 Windows Networking Components远程管理协议拒绝服务漏洞(MS12-054) 新增: 22345 CVE-2012-1851 Windows Networking Components Print Spooler服务格式化串漏洞(MS12-054) 新增: 22346 CVE-2012-1852 Windows Networking Components远程管理协议堆溢出漏洞(MS12-054) 新增: 22347 CVE-2012-1853 Windows Networking Components远程管理协议栈溢出漏洞(MS12-054) 新增: 22348 CVE-2012-2521 Microsoft Internet Explorer Asynchronous NULL Object Access远程代码执行漏洞(MS12-052) 新增: 22349 CVE-2012-2522 Microsoft Internet Explorer Virtual Function Table Corruption远程代码执行漏洞(MS12-052) 新增: 22350 CVE-2012-2523 Microsoft Internet Explorer JavaScript 整数溢出远程代码执行漏洞(MS12-052) 新增: 22351 CVE-2012-2526 Microsoft远程桌面协议漏洞(MS12-053) 新增: 22352 CVE-2012-1889 MSXML未初始化内存破坏漏洞(MS12-043) 新增: 30577 pcAnywhere登录扫描新增: 22329 S40 0.4.2 CMS目录遍历漏洞新增: 22330 Log1 CMS writeInfo() PHP代码注入漏洞新增: 22331 PHP Volunteer Management System v1.0.2任意文件上传漏洞新增: 22332 Apache Struts远程命令执行漏洞新增: 22333 GIMP script-fu Server缓冲区溢出漏洞新增: 22334 Symantec Web Gateway 5.0.2.8 relfile文件包含漏洞新增: 22335 WeBid converter.php远程PHP代码注入漏洞新增: 22336 appRain CMF Arbitrary PHP文件上传漏洞新增: 22337 Lattice Semiconductor ispVM System XCF文件处理泄露漏洞新增: 22338 MPlayer SAMI Subtitle文件缓冲区溢出漏洞新增: 22339 OpenOffice OLE Importer DocumentSummaryInformation Stream处理溢出漏洞新增: 22340 QuickShare File Server 1.2.1目录遍历漏洞新增: 22341 RabidHamster R4 Log Entry sprintf()缓冲区溢出漏洞 New: 22343 CVE-2012-1526 Microsoft Internet Explorer Layout Memory Corruption Vulnerability(MS12-052) New: 22344 CVE-2012-1850 Windows Networking Components Remote Administration Protocol Denial of Service Vulnerability(MS12-054) New: 22345 CVE-2012-1851 Windows Networking Components Print Spooler Service Format String Vulnerability(MS12-054) New: 22346 CVE-2012-1852 Windows Networking Components Remote Administration Protocol Heap Overflow Vulnerability(MS12-054) New: 22347 CVE-2012-1853 Windows Networking Components Remote Administration Protocol Stack Overflow Vulnerability(MS12-054) New: 22348 CVE-2012-2521 Microsoft Internet Explorer Asynchronous NULL Object Access Remote Code Execution Vulnerability(MS12-052) New: 22349 CVE-2012-2522 Microsoft Internet Explorer Virtual Function Table Corruption Remote Code Execution Vulnerability(MS12-052) New: 22350 CVE-2012-2523 Microsoft Internet Explorer JavaScript Integer Overflow Remote Code Execution Vulnerability(MS12-052) New: 22351 CVE-2012-2526 Microsoft Remote Desktop Protocol Vulnerability(MS12-053) New: 22352 CVE-2012-1889 MSXML Uninitialized Memory Corruption Vulnerability(MS12-043) New: 30577 pcAnywhere Login Scanner New: 22329 S40 0.4.2 CMS Directory Traversal Vulnerability New: 22330 Log1 CMS writeInfo() PHP Code Injection Vulnerability New: 22331 PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability New: 22332 Apache Struts Remote Command Execution Vulnerability New: 22333 GIMP script-fu Server Buffer Overflow Vulnerability New: 22334 Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability New: 22335 WeBid converter.php Remote PHP Code Injection Vulnerability New: 22336 appRain CMF Arbitrary PHP File Upload Vulnerability New: 22337 Lattice Semiconductor ispVM System XCF File Handling Overflow Vulnerability New: 22338 MPlayer SAMI Subtitle File Buffer Overflow Vulnerability New: 22339 OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow Vulnerability New: 22340 QuickShare File Server 1.2.1 Directory Traversal Vulnerability New: 22341 RabidHamster R4 Log Entry sprintf() Buffer Overflow Vulnerability
发布时间：2012-08-17 19:54:48