|
|
 |
 |
网络入侵防护系统(IPS)规则5.6.7 升级包列表
| 名称:
eoi.unify.rulepatch.5.6.7.312.rule
|
版本:5.6.7.312 |
| MD5:b794b82afa0090547e01434d83531082 |
大小:10.06M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22714 Adobe ColdFusion /CFIDE/adminapi/customtags/l10n.cfm 目录遍历漏洞 (CVE-2013-3336)
新增: 22715 APT/Crime Pack网络攻击流量特征
新增: 22708 Microsoft IE 8浏览器恶意代码攻击
修改: 21395 Microsoft XML核心服务XMLHTTP控件内存破坏漏洞
修改: 21420 Microsoft IE非法事件操作内存破坏漏洞(MS10-002)
修改: 50158 Telnet服务IAC选项炸弹攻击
NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22714 Adobe ColdFusion /CFIDE/adminapi/customtags/l10n.cfm Directory Traversal Vulnerability(CVE-2013-3336)
Added: 22715 APT/Crime Pack Network Attack Traffic Characteristics
Added: 22708 Microsoft IE 8 Browser Malicious Code Attack
Modified: 21395 Microsoft XML Core Server XMLHTTP Control Memory Corruption Vulnerability
Modified: 21420 Microsoft IE Illegal Event Operation Memory Corruption Vulnerability(MS10-002)
Modified: 50158 Telnet Service IAC Option Bomb |
| 发布时间:2013-05-23 17:19:03 |
| 名称:
eoi.unify.rulepatch.5.6.7.311.rule
|
版本:5.6.7.311 |
| MD5:c62c2e2e8fc921d77076caf1634e5252 |
大小:10.01M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22708 Microsoft IE 8浏览器恶意代码攻击
新增:30610 ColdFusion 9 / 10 远程目录遍历漏洞
新增:22712 nginx ngx_http_parse.c chunk处理栈溢出漏洞
新增:41046 漏洞扫描器X-Scan CGI漏洞扫描操作
新增:41047 Web应用漏洞扫描器Nikto扫描操作
新增:21711 Huawei AR系列路由器SNMPv3 缓冲器溢出漏洞
新增:21712 nginx ngx_http_parse.c chunk处理栈溢出漏洞
新增:22707 Microsoft IE 8释放后重用远程代码执行漏洞(CVE-2013-1347)
NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22708 Microsoft IE 8 Browser Malicious Code Attack
Added: 30610 ColdFusion 9 / 10 Remote Directory Traversal Vulnerability
Added: 22712 nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
Added: 41046 Vulnerability Scanner X-Scan CGI Scan Operation
Added: 41047 Web Application Vulnerability Scanner Nikto Scan Operation
Added: 22711 Huawei AR Series Router SNMPv3 Buffer Overflows Vulnerability
Added: 22712 nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
Added: 22707 Microsoft IE 8 Use After Free Remote Code Execution Vulnerability(CVE-2013-1347) |
| 发布时间:2013-05-16 14:17:09 |
| 名称:
eoi.unify.rulepatch.5.6.7.310.rule
|
版本:5.6.7.310 |
| MD5:d0215b56833b070960f838cd8c8b26e2 |
大小:9.99M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22707 Microsoft IE 8远程代码执行漏洞(CVE-2013-1347)
修改: 50098 Windows系统远程管理工具Remote Administrator用户认证
NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22707 Microsoft Internet Explorer Remote Code Execution Vulnerability(CVE-2013-1347)
Modified: 50098 Windows Remote Management Tool Remote Administrator Authentication |
| 发布时间:2013-05-04 19:37:31 |
| 名称:
eoi.unify.rulepatch.5.6.7.309.rule
|
版本:5.6.7.309 |
| MD5:473534ad1753550c66cc7b42c01b2f54 |
大小:9.26M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22700 Linksys E1500 URL 重定向漏洞
修改: 50147 DB2数据库管理服务回应
NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22700 Linksys E1500 URL Redirection Vulnerability
Modified: 50147 DB2 Database Management Service Response
|
| 发布时间:2013-05-02 15:14:33 |
| 名称:
eoi.unify.rulepatch.5.6.7.308.rule
|
版本:5.6.7.308 |
| MD5:f82a85097bc5f9ccaebbe25a43068442 |
大小:9.26M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 30604 WHMCS grouppay 插件SQL注入漏洞
新增: 30605 PHP-AddressBook v6.2.4 SQL 注入漏洞
新增: 22698 PHP-AddressBook v6.2.4 跨站脚本漏洞
新增: 30603 phpVMS Virtual Airline Administration 'itemid' 参数 SQL注入漏洞
新增: 22696 Netgear DGN1000B setup.cgi 远程命令注入漏洞
新增: 22697 Linksys E1500/E2500 apply.cgi 远程命令注入漏洞
新增: 22695 BigAnt Server 2.97 DDNF 用户名字段溢出漏洞
新增: 30602 AXIGEN Mail Server "fileName"任意文件泄露和删除漏洞
修改: 50109 网络游戏石器时代客户端连接服务器
NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 30604 WHMCS grouppay plugin SQL Injection <= 1.5
Added: 30605 PHP-AddressBook v6.2.4 SQL INJECTION
Added: 22698 PHP-AddressBook v6.2.4 XSS Vulnerability
Added: 30603 phpVMS Virtual Airline Administration 'itemid' Parameter SQL Injection Vulnerability
Added: 22696 Netgear DGN1000B setup.cgi Remote Command Execution
Added: 22697 Linksys E1500/E2500 apply.cgi Remote Command Injection
Added: 22695 BigAnt Server 2.97 DDNF Username Buffer Overflow
Added: 30602 Axigen Arbitrary File Read and Delete
Modified: 50109 Online Game "Stone Age"Client Connect Server
|
| 发布时间:2013-04-25 17:23:20 |
| 名称:
eoi.unify.rulepatch.5.6.7.307.rule
|
版本:5.6.7.307 |
| MD5:f4c7c3b8d7bb28af69f69db2dc9ae192 |
大小:9.30M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 10341 DDOS工具攻击告警
新增: 10342 PostgreSQL远程拒绝服务和代码执行漏洞
新增: 22687 MongoDB nativeHelper.apply 远程代码注入漏洞
新增: 22688 ESPCMS Cookie ecisp_order_list 参数SQL注入漏洞
新增: 22689 Plesk Panel远程命令执行漏洞(CVE-2012-1557)
新增: 22690 Adobe ColdFusion 远程命令执行(APSB13-03)
新增: 22691 Adobe ColdFusion 认证绕过漏洞(APSB13-03)
新增: 22693 Microsoft Remote Desktop ActiveX控件远程代码执行漏洞(CVE-2013-1296)(MS13-029)
新增: 30601 Adobe ColdFusion 目录遍历漏洞(APSB13-03)
新增: 30602 AXIGEN Mail Server "fileName"任意文件泄露和删除漏洞
修改: 50101 网络游戏泡泡堂客户端连接服务器
NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 10341 DDOS tool attacking detection
Added: 10342 PostgreSQL Denial of Service And Remote Code Execution Vulnerability
Added: 22687 MongoDB nativeHelper.apply Remote Code Execution
Added: 22688 ESPCMS Cookie ecisp_order_list Parameter SQL Injection Vulnerability
Added: 22689 Plesk Panel Remote Command Execution Vulnerability(CVE-2012-1557)
Added: 22690 Adobe ColdFusion APSB13-03 Arbitrary Command Execution
Added: 22691 Adobe ColdFusion APSB13-03 Authentication Bypass
Added: 22693 Microsoft Remote Desktop ActiveX Control Remote Code Execution(CVE-2013-1296)(MS13-029)
Added: 30601 Adobe ColdFusion APSB13-03 Directory Traversal Vulnerability
Added: 30602 Axigen Arbitrary File Read and Delete
Modified: 50101 Online Game "paopaotang" Client Connect Server
|
| 发布时间:2013-04-18 16:52:22 |
| 名称:
eoi.unify.rulepatch.5.6.7.306.rule
|
版本:5.6.7.306 |
| MD5:8018908577d16456223a40f1d1265335 |
大小:9.96M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 20278 POP3服务AUTH命令超长参数溢出攻击
修改: 21328 Oracle Java远程代码执行攻击
修改: 22686 Mutiny命令注入漏洞(CVE-2012-3001)
修改: 50170 远程控制管理工具PcAnywhere登录连接
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 20278 POP3 Service AUTH Command Over-Long Parameter Buffer Overflow
Modified: 21328 Oracle Java Remote Code Execution Attack
Modified: 22686 Mutiny Remote Command Execution(CVE-2012-3001)
Modified: 50170 Remote Management Tool PcAnywhere Login Connection
|
| 发布时间:2013-04-11 20:00:47 |
| 名称:
eoi.unify.rulepatch.5.6.7.305.rule
|
版本:5.6.7.305 |
| MD5:9036168fdde42c62d2903573c47eb813 |
大小:9.96M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22680 Apache Struts ParametersInterceptor远程命令执行
新增: 22684 EMC AlphaStor NetWorker命令处理器命令注入漏洞
修改: 50054 TELNET服务用户执行su命令
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22680 Apache Struts ParametersInterceptor Remote Code Execution
Added: 22684 EMC AlphaStor Device Manager Command Execution
Modified: 50054 su Command Execution in TELNET Service
|
| 发布时间:2013-04-03 15:52:05 |
| 名称:
eoi.unify.rulepatch.5.6.7.304.rule
|
版本:5.6.7.304 |
| MD5:a9468d7bf247a5582c012b9dd1371312 |
大小:9.95M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22676 Ruby on Rails attr_protected 远程安全绕过漏洞(CVE-2013-0276)
新增: 22677 PolarPearCms PHP 文件上传漏洞
新增: 22678 OpenPLI Webif 任意命令执行漏洞
修改: 50035 IMAP服务用户认证成功
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22676 Ruby on Rails attr_protected Security Bypass Vulnerability(CVE-2013-0276)
Added: 22677 PolarPearCms PHP File Upload Vulnerability
Added: 22678 OpenPLI Webif Arbitrary Command Execution
Modified: 50035 IMAP Service User Authentication Success
|
| 发布时间:2013-03-28 14:51:40 |
| 名称:
eoi.unify.rulepatch.5.6.7.303.rule
|
版本:5.6.7.303 |
| MD5:92004cd74821444f0a89e9f3f2e53438 |
大小:8.95M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22662 Microsoft Visio Viewer VSD文件格式远程代码执行漏洞(CVE-2013-0079)(MS13-023)
新增: 22663 Microsoft SharePoint 回调函数权限提升漏洞(CVE-2013-0080)(MS13-024)
新增: 22664 Microsoft SharePoint 跨站脚本漏洞(CVE-2013-0083)(MS13-024)
新增: 22665 Microsoft Internet Explorer OnResize 释放后重用远程代码执行漏洞(CVE-2013-0087)(MS13-021)
新增: 22666 Microsoft Internet Explorer saveHistory 释放后重用远程代码执行漏洞(CVE-2013-0088)(MS13-021)
新增: 22667 Microsoft Internet Explorer CMarkupBehavio释放后重用远程代码执行漏洞(CVE-2013-0089)(MS13-021)
新增: 22668 Microsoft Internet Explorer CCaret 释放后重用远程代码执行漏洞(CVE-2013-0090)(MS13-021)
新增: 22669 Microsoft Internet Explorer CElement 释放后重用远程代码执行漏洞(CVE-2013-0091)(MS13-021)
新增: 22670 Microsoft Internet Explorer GetMarkupPtr 释放后重用远程代码执行漏洞(CVE-2013-0092)(MS13-021)
新增: 22671 Microsoft Internet Explorer onBeforeCopy 释放后重用远程代码执行漏洞(CVE-2013-0093)(MS13-021)
新增: 22672 Microsoft Internet Explorer removeChild 释放后重用远程代码执行漏洞(CVE-2013-0094)(MS13-021)
新增: 22674 多个HP LaserJet Pro Printer远程debug telnet shell漏洞(CVE-2012-5215)
新增: 22675 TP-Link 无线路由器后门利用
新增: 30598 Microsoft SharePoint 目录遍历漏洞(CVE-2013-0084)(MS13-024)
新增: 30599 Microsoft OneNote 信息泄露漏洞(CVE-2013-0086) (MS13-025)
修改: 50035 IMAP服务用户认证
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22662 Microsoft Visio Viewer VSD File Format Remote Code Execution(CVE-2013-0079)(MS13-023)
Added: 22663 Microsoft SharePoint Callback Function Elevation of Privilege (CVE-2013-0080)(MS13-024)
Added: 22664 Microsoft SharePoint XSS(CVE-2013-0083)(MS13-024)
Added: 22665 Microsoft Internet Explorer OnResize Use After Free Remote Code Execution(CVE-2013-0087)(MS13-021)
Added: 22666 Microsoft Internet Explorer saveHistory Use After Free Remote Code Execution(CVE-2013-0088)(MS13-021)
Added: 22667 Microsoft Internet Explorer CMarkupBehavio Use After Free Remote Code Execution(CVE-2013-0089)(MS13-021)
Added: 22668 Microsoft Internet Explorer CCaret Use After Free Remote Code Execution(CVE-2013-0090)(MS13-021)
Added: 22669 Microsoft Internet Explorer CElement Use After Free(CVE-2013-0091)(MS13-021)
Added: 22670 Microsoft Internet Explorer GetMarkupPtr Use After Free Remote Code Execution(CVE-2013-0092)(MS13-021)
Added: 22671 Microsoft Internet Explorer onBeforeCopy Use After Free Remote Code Execution (CVE-2013-0093)(MS13-021)
Added: 22672 Microsoft Internet Explorer removeChild Use After Free Remote Code Execution(CVE-2013-0094)(MS13-021)
Added: 22674 HP LaserJet Pro Printer Remote debug telnet shell Backdoor(CVE-2012-5215)
Added: 22675 TP-Link Router Backdoor Exploit
Added: 30598 Microsoft SharePoint Directory Traversal(CVE-2013-0084)(MS13-024)
Added: 30599 Microsoft OneNote Information Disclosure(CVE-2013-0086) (MS13-025)
Modified: 50035 IMAP Service User Authentication
|
| 发布时间:2013-03-21 15:52:41 |
| 名称:
eoi.unify.rulepatch.5.6.7.301.rule
|
版本:5.6.7.301 |
| MD5:789e0879a0effcd600c6501db652ce31 |
大小:9.87M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22652 Movable Type Web 升级模块远程代码执行漏洞
新增: 22653 php-Charts 'url.php'任意PHP代码执行漏洞
修改: 22639 Microsoft Internet Explorer SLayoutRun释放后重用远程代码执行漏洞(MS13-009)
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22652 Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
Added: 22653 PHP-Charts v1.0 PHP Code Execution Vulnerability
Modified: 22639 Microsoft Internet Explorer SLayoutRun Use After Free Remote Code Excuted(MS13-009)
|
| 发布时间:2013-03-07 16:13:01 |
| 名称:
eoi.unify.rulepatch.5.6.7.300.rule
|
版本:5.6.7.300 |
| MD5:2ed1a6e111b528400a69fb50ef5afcce |
大小:9.85M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22647 EMC NetWorker 'nsrindexd' RPC服务缓冲区溢出漏洞
新增: 22633 Microsoft Internet Explorer SetCapture释放后重用远程代码执行漏洞(MS13-009)
新增: 22634 Microsoft Internet Explorer COmWindowProxy释放后重用远程代码执行漏洞(MS13-009)
新增: 22635 Microsoft Internet Explorer CMarkup释放后重用远程代码执行漏洞(MS13-009)
新增: 22636 Microsoft Internet Explorer vtable释放后重用远程代码执行漏洞(MS13-009)
新增: 22637 Microsoft Internet Explorer LsGetTrailInfo释放后重用远程代码执行漏洞(MS13-009)
新增: 22638 Microsoft Internet Explorer pasteHTML释放后重用远程代码执行漏洞(MS13-009)
新增: 22639 Microsoft Internet Explorer SLayoutRun释放后重用远程代码执行漏洞(MS13-009)
新增: 22640 Microsoft Internet Explorer CPasteComma释放后重用远程代码执行漏洞(MS13-009)
新增: 22641 Microsoft Internet Explorer CObjectElem释放后重用远程代码执行漏洞(MS13-009)
新增: 22642 Microsoft Internet Explorer CHTML 释放后重用远程代码执行漏洞(MS13-009)
新增: 22643 Microsoft Internet Explorer Vector Markup Language 内存破坏漏洞(CVE-2013-0030)(MS13-010)
新增: 22644 Microsoft DirectShow 远程代码执行漏洞(CVE-2013-0077) (MS13-011)
新增: 22645 Microsoft Windows Object Linking and Embedding (OLE) Automation远程代码执行漏洞(MS13-020)
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22647 EMC NetWorker 'nsrindexd' RPC Service Buffer Overflow Vulnerability
Added: 22633 Microsoft Internet Explorer SetCapture Use After Free Remote Code Execution(MS13-009)
Added: 22634 Microsoft Internet Explorer COmWindowProxy Use After Free Remote Code Execution(MS13-009)
Added: 22635 Microsoft Internet Explorer CMarkup Use After Free Remote Code Execution(MS13-009)
Added: 22636 Microsoft Internet Explorer vtable Use After Free Remote Code Execution(MS13-009)
Added: 22637 Microsoft Internet Explorer LsGetTrailInfo Use After Free Remote Code Execution(MS13-009)
Added: 22638 Microsoft Internet Explorer pasteHTML Use After Free Remote Code Execution(MS13-009)
Added: 22639 Microsoft Internet Explorer SLayoutRun Use After Free Remote Code Excuted(MS13-009)
Added: 22640 Microsoft Internet Explorer CPasteComma Use After Free Remote Code Execution(MS13-009)
Added: 22641 Microsoft Internet Explorer CObjectElem Use After Free Remote Code Execution(MS13-009)
Added: 22642 Microsoft Internet Explorer CHTML Use After Free Remote Code Execution(MS13-009)
Added: 22643 Microsoft Internet Explorer Vector Markup Language Memory Corruption(CVE-2013-0030)(MS13-010)
Added: 22644 Microsoft DirectShow Remote Code Execution(CVE-2013-0077) (MS13-011)
Added: 22645 Microsoft Windows Object Linking and Embedding (OLE) Automation Remote Code Execution(MS13-020) |
| 发布时间:2013-02-28 16:36:20 |
| 名称:
eoi.unify.rulepatch.5.6.7.299.rule
|
版本:5.6.7.299 |
| MD5:c72ebf2dfd933e8e77e86cf3b0a05897 |
大小:9.96M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22615 PHPCMS V9版本帐号管理页面POST参数SQL注入漏洞
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22615 PHPCMS V9 Account Manage POST Parameter SQL Injection Vulnerability
|
| 发布时间:2013-02-21 14:51:41 |
| 名称:
eoi.unify.rulepatch.5.6.7.298.rule
|
版本:5.6.7.298 |
| MD5:5675ddc21db3113c30983d5987caec28 |
大小:9.96M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 10338 Microsoft Windows SSL远程拒绝服务漏洞(MS04-011)
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 10338 Microsoft Windows SSL Remote DoS Vulnerability
|
| 发布时间:2013-02-14 09:56:25 |
| 名称:
eoi.unify.rulepatch.5.6.7.297.rule
|
版本:5.6.7.297 |
| MD5:43061f80c84e2ddae78d9e030237e3ce |
大小:9.96M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22630 Icinga history.cgi "show_history()" 缓冲区溢出漏洞
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22630 Icinga history.cgi "show_history()" Buffer Overflow Vulnerability
|
| 发布时间:2013-02-07 08:45:44 |
| 名称:
eoi.unify.rulepatch.5.6.7.296.rule
|
版本:5.6.7.296 |
| MD5:81b6e39dc77df186f890e3b9bbf6a2fe |
大小:9.96M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 30590 Web应用漏洞扫描工具WebInspect扫描操作
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 30590 Web Application Vulnerability Scanner WebInspect Scan Operation
|
| 发布时间:2013-02-01 18:32:42 |
| 名称:
eoi.unify.rulepatch.5.6.7.295.rule
|
版本:5.6.7.295 |
| MD5:f88a08f7935429c956303124997d3a47 |
大小:9.90M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22625 MoinMoin action/twikidraw.py和action/anywikidraw.py任意代码执行漏洞
新增: 30586 BigAnt IM Server SHU请求SQL注入漏洞
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22625 MoinMoin action/twikidraw.py action/anywikidraw.py Remote Code Execution Vulnerability
Added: 30586 BigAnt IM Server SHU request SQL injection vulnerability |
| 发布时间:2013-01-25 18:29:55 |
| 名称:
eoi.unify.rulepatch.5.6.7.294.rule
|
版本:5.6.7.294 |
| MD5:add96ce1168919b4f1664fe22fe8c2bd |
大小:9.79M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22616 Symantec Messaging Gateway任意文件下载漏洞
新增: 22617 Foswiki MAKETEXT远程命令执行漏洞
新增: 22619 WordPress Asset-Manager PHP 文件上传漏洞
新增: 22620 WordPress WP-Property PHP 文件上传漏洞
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22616 Symantec Messaging Gateway 9.5 Log File Download Vulnerability
Added: 22617 Foswiki MAKETEXT Remote Command Execution
Added: 22619 WordPress Asset-Manager PHP File Upload Vulnerability
Added: 22620 WordPress WP-Property PHP File Upload Vulnerability
|
| 发布时间:2013-01-17 18:03:45 |
| 名称:
eoi.unify.rulepatch.5.6.7.293.rule
|
版本:5.6.7.293 |
| MD5:379db7aca76eb638cb4c31eaea513c7e |
大小:9.78M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22621 Oracle Java 7 JmxMBeanServer类远程代码执行漏洞
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
New: 22621 Oracle Java 7 JmxMBeanServer Remote Code Execution
|
| 发布时间:2013-01-12 15:05:12 |
| 名称:
eoi.unify.rulepatch.5.6.7.292.rule
|
版本:5.6.7.292 |
| MD5:ca96efc6ed68960521681225886b737c |
大小:9.76M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22618 CVE-2013-0010 System Center Operations Manager Web Console XSS漏洞(MS13-003)
新增: 10337 CVE-2013-0005 Open Data Protocol Replace拒绝服务漏洞(MS13-007)
新增: 20612 TrackerCam PHP参数远程缓冲区溢出攻击
新增: 20613 SGI IRIX lpsched远程命令执行攻击
修改: 50140 PPTV网络电视流媒体播放(TCP)
修改: 50193 PPTV网络电视流媒体播放(UDP)
修改: 50158 Telnet服务IAC选项炸弹攻击
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
New: 22618 CVE-2013-0010 System Center Operations Manager Web Console XSS Vulnerability(MS13-003)
New: 10337 CVE-2013-0005 Open Data Protocol Replace Denial of Service Vulnerability(MS13-007)
New: 20612 TrackerCam PHP Parameter Remote Buffer Overflow
New: 20613 SGI IRIX lpsched Remote Command Execution
Modify: 50140 PPTV Network TV Streaming Media Playing (TCP)
Modify: 50193 PPTV Network TV Streaming Media Playing (UDP)
Modify: 50158 Telnet Service IAC Option Bomb |
| 发布时间:2013-01-10 16:54:50 |
| 名称:
eoi.unify.rulepatch.5.6.7.291.rule
|
版本:5.6.7.291 |
| MD5:9cff605f2dff0dca57720f47e8741265 |
大小:10.19M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22609 Microsoft IE mshtml!CDwnBindInfo对象释放后重用代码执行漏洞
新增: 22607 PHPCMS V9版poster_click函数SQL注入漏洞
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported engine will automatically restart.
List of added or modified signatures:
New: 22609 Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerability
New: 22607 PHPCMS V9 poster_click function SQL injection vulnerability |
| 发布时间:2012-12-31 14:10:55 |
| 名称:
eoi.unify.rulepatch.5.6.7.290.rule
|
版本:5.6.7.290 |
| MD5:bd175d838f93501d570608c2d7b36214 |
大小:10.17M |
描述:
绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:
新增: 22602 Nagios XI 网络监控器Graph Explorer组件命令注入漏洞
新增: 22603 Splunk 5.0 用户自定义程序远程执行漏洞
新增: 22606 WordPress 多个CMSMasters主题'upload.php'任意文件上传漏洞
NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
New: 22602 Nagios XI Network Monitor Graph Explorer Component Command Injection
New: 22603 Splunk 5.0 Custom App Remote Code Execution
New: 22606 Clockstone and other CMSMasters Theme File Upload Vulnerabilities |
| 发布时间:2012-12-27 17:31:42 |
| 名称:
eoi.unify.rulepatch.5.6.7.289.rule
|
版本:5.6.7.289 |
| MD5:96ce19cf17248f6a52555be275f22dca |
大小:6.40M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
新增: 22599 OracleMySQL/MariaDB acl_get()和check_grant_db_routine()函数缓冲区溢出漏洞
新增: 22600 HP Data Protector DtbClsLogin缓冲区溢出漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:
New: 22599 OracleMySQL/MariaDB acl_get() and check_grant_db_routine() function buffer overflow vulnerability
New: 22600 HP Data Protector DtbClsLogin Buffer Overflow
|
| 发布时间:2012-12-20 15:44:22 |
| 名称:
eoi.unify.rulepatch.5.6.7.288.rule
|
版本:5.6.7.288 |
| MD5:64fdbfbd3641d73981d5802e8f3a00f4 |
大小:6.46M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
新增: 22593 CVE-2012-1537 Microsoft DirectPlay堆溢出漏洞(MS12-082)
新增: 22594 CVE-2012-2539 Microsoft Word RTF 'listoverridecount'远程代码执行漏洞(MS12-079)
新增: 22595 CVE-2012-2556 Microsoft OpenType字体解析漏洞(MS12-078)
新增: 22596 CVE-2012-4774 Microsoft Windows文件名解析漏洞(MS12-081)
新增: 22597 CVE-2012-4786 Microsoft TrueType字体解析漏洞(MS12-078)
新增: 22598 CVE-2012-4787 Microsoft Internet Explorer Improper Ref Counting释放后重用漏洞(MS12-077)
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:
New: 22593 CVE-2012-1537 Microsoft DirectPlay Heap Overflow Vulnerability(MS12-082)
New: 22594 CVE-2012-2539 Microsoft Word RTF 'listoverridecount' Remote Code Execution Vulnerability(MS12-079)
New: 22595 CVE-2012-2556 Microsoft OpenType Font Parsing Vulnerability(MS12-078)
New: 22596 CVE-2012-4774 Microsoft Windows Filename Parsing Vulnerability(MS12-081)
New: 22597 CVE-2012-4786 Microsoft TrueType Font Parsing Vulnerability(MS12-078)
New: 22598 CVE-2012-4787 Microsoft Internet Explorer Improper Ref Counting Use After Free Vulnerability(MS12-077)
|
| 发布时间:2012-12-11 16:17:08 |
| 名称:
eoi.unify.rulepatch.5.6.7.287.rule
|
版本:5.6.7.287 |
| MD5:10386772e5ad709ede163ebfb636719a |
大小:6.46M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
新增: 22588 Samsung打印机固件管理账号后门
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:
New: 22588 Samsung printer firmware management account backdoor
|
| 发布时间:2012-12-06 17:08:59 |
| 名称:
eoi.unify.rulepatch.5.6.7.286.rule
|
版本:5.6.7.286 |
| MD5:e1a4c90229b19477955ce6c9885aa094 |
大小:6.51M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
新增: 22532 WordPress plugin Foxypress uploadify.php任意代码执行漏洞
新增: 22529 Bitweaver多个跨站脚本执行和本地文件包含漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:
New: 22532 WordPress plugin Foxypress uploadify.php Arbitrary Code Execution Vulnerability
New: 22529 Bitweaver multiple Cross Site Scripting and Local File Inclusion Vulnerability
|
| 发布时间:2012-11-29 15:17:30 |
| 名称:
eoi.unify.rulepatch.5.6.7.285.rule
|
版本:5.6.7.285 |
| MD5:df7625d99ec85e1c09a497fa41accb50 |
大小:6.47M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
新增: 22504 Oracle Network Authentication组件远程代码执行漏洞
新增: 22506 Invision Power Board le 3.3.4 unserialize() PHP代码执行漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:
New: 22504 Oracle Network Authentication Component Remote Code Execution Vulnerability
New: 22506 Invision Power Board le 3.3.4 unserialize () PHP Code Execution Vulnerability
|
| 发布时间:2012-11-22 16:50:21 |
| 名称:
eoi.unify.rulepatch.5.6.7.284.rule
|
版本:5.6.7.284 |
| MD5:71db4d5acdba11f2331ce3a51c8fefdd |
大小:6.46M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
新增: 22507 CVE-2012-1538 Microsoft Internet Explorer CFormElement释放后重用漏洞(MS12-071)
新增: 22508 CVE-2012-1539 Microsoft Internet Explorer CTreePos释放后重用漏洞(MS12-071)
新增: 22509 CVE-2012-1885 Microsoft Excel SerAuxErrBar堆溢出漏洞(MS12-076)
新增: 22510 CVE-2012-1886 Microsoft Excel内存破坏漏洞(MS12-076)
新增: 22511 CVE-2012-1887 Microsoft Excel SST Invalid Length释放后重用漏洞(MS12-076)
新增: 22512 CVE-2012-2543 Microsoft Excel栈溢出漏洞(MS12-076)
新增: 22513 CVE-2012-2897 Microsoft Windows字体解析漏洞(MS12-075)
新增: 22514 CVE-2012-4775 Microsoft Internet Explorer CTreeNode释放后重用漏洞(MS12-071)
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:
New: 22507 CVE-2012-1538 Microsoft Internet Explorer CFormElement Use After Free Vulnerability(MS12-071)
New: 22508 CVE-2012-1539 Microsoft Internet Explorer CTreePos Use After Free Vulnerability(MS12-071)
New: 22509 CVE-2012-1885 Microsoft Excel SerAuxErrBar Heap Overflow Vulnerability(MS12-076)
New: 22510 CVE-2012-1886 Microsoft Excel Memory Corruption Vulnerability(MS12-076)
New: 22511 CVE-2012-1887 Microsoft Excel SST Invalid Length Use After Free Vulnerability(MS12-076)
New: 22512 CVE-2012-2543 Microsoft Excel Stack Overflow Vulnerability(MS12-076)
New: 22513 CVE-2012-2897 Microsoft Windows Font Parsing Vulnerability(MS12-075)
New: 22514 CVE-2012-4775 Microsoft Internet Explorer CTreeNode Use After Free Vulnerability(MS12-071)
|
| 发布时间:2012-11-14 15:46:48 |
| 名称:
eoi.unify.rulepatch.5.6.7.282.rule
|
版本:5.6.7.282 |
| MD5:7352b19ef0d22b61c1c8d6bcd751fdf2 |
大小:6.19M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
新增: 30582 H3C及Huawei SNMP访问控制信息泄露漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:
New: 30582 HP/H3C and Huawei SNMP Weak Access to Critical Data
|
| 发布时间:2012-11-08 17:30:13 |
| 名称:
eoi.unify.rulepatch.5.6.7.281.rule
|
版本:5.6.7.281 |
| MD5:a035644a30a2cda6dfb7a3ec51d4819b |
大小:6.11M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
新增: 22487 Oracle Database身份验证协议离线口令破解漏洞
修改: 30580 Shopex Cookie选项SQL注入漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above. .Signature Set Update:
New: 22487 Oracle Database Authentication ProtocolSecurity Bypass Vulnerability
Modify: 30580 Shopex Cookie Option SQL Injection Vulnerability
|
| 发布时间:2012-11-01 17:05:11 |
| 名称:
eoi.unify.rulepatch.5.6.7.280.rule
|
版本:5.6.7.280 |
| MD5:f66ee0c7be85696c9b46697a5bdccf14 |
大小:6.11M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:
修改: 30580 Shopex Cookie选项SQL注入漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:
Modify: 30580 Shopex Cookie Option SQL Injection Vulnerability
|
| 发布时间:2012-10-26 19:35:30 |
| 名称:
eoi.unify.rulepatch.5.6.7.279.rule
|
版本:5.6.7.279 |
| MD5:b185923fef443d8e3af20bc2fe124223 |
大小:6.06M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
增加英文版本帮助文档
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
increase the help document of English version |
| 发布时间:2012-10-26 10:16:14 |
| 名称:
eoi.unify.rulepatch.5.6.7.278.rule
|
版本:5.6.7.278 |
| MD5:7388036129cf108d7e5216d785a46057 |
大小:5.88M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 22482 InduSoft Web Studio 任意上传远程代码执行漏洞
新增: 22483 Avaya WinPMD UniteHostRouter 缓冲区溢出漏洞
新增: 22485 QNX QCONN 远程命令执行漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
New: 22482 InduSoft Web Studio Arbitrary Upload Remote Code Execution
New: 22483 Avaya WinPMD UniteHostRouter Buffer Overflow
New: 22485 QNX QCONN Remote Command Execution Vulnerability
|
| 发布时间:2012-10-25 15:07:29 |
| 名称:
eoi.unify.rulepatch.5.6.7.277.rule
|
版本:5.6.7.277 |
| MD5:a09f9f8356fc54ee7bb715bd291c3199 |
大小:5.72M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 30579 Indusoft WebStudio NTWebServer 远程文件存取
新增: 22480 Auxilium RateMyPet 任意文件上传漏洞
新增: 22477 CVE-2012-2552 Microsoft SQL Server Report Manager CVE-2012-2552 跨站脚本攻击漏洞(MS12-070)
新增: 22481 Firefox 7/8 (8.0.1) nsSVGValue Out-of-Bounds 存取漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
New: 30579 Indusoft WebStudio NTWebServer Remote File Access
New: 22480 Auxilium RateMyPet Arbitrary File Upload Vulnerability
New: 22477 CVE-2012-2552 Microsoft SQL Server Report Manager CVE-2012-2552 Cross Site Scripting Vulnerability(MS12-070)
New: 22481 Firefox 7/8 (8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability
|
| 发布时间:2012-10-18 16:10:40 |
| 名称:
eoi.unify.rulepatch.5.6.7.276.rule
|
版本:5.6.7.276 |
| MD5:6623cee1805acac054fad8c81d687efc |
大小:5.72M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 22470 phpMyAdmin server_sync.php 远程后门漏洞
新增: 22471 qdPM v7 任意PHP文件上传漏洞
新增: 22472 Oracle Business Transaction Management FlashTunnelService 远程代码执行漏洞
新增: 22473 Adobe RoboHelp Server 8 任意文件上传执行
新增: 22474 Avid Media Composer 5.5 - Avid Phonetic Indexer 缓冲区溢出漏洞
新增: 22475 Energizer DUO Trojan 代码执行
新增: 22476 FileWrangler 5.30 缓冲区溢出漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
New: 22470 phpMyAdmin server_sync.php remote backdoor vulnerability
New: 22471 qdPM v7 Arbitrary PHP File Upload Vulnerability
New: 22472 Oracle Business Transaction Management FlashTunnelService Remote Code Execution
New: 22473 Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
New: 22474 Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow
New: 22475 Energizer DUO Trojan Code Execution
New: 22476 FileWrangler 5.30 Stack Buffer Overflow
|
| 发布时间:2012-10-11 12:22:15 |
| 名称:
eoi.unify.rulepatch.5.6.7.275.rule
|
版本:5.6.7.275 |
| MD5:2ed5cb3690c8fd0fbebc8bb52a82c14a |
大小:5.72M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 22466 Microsoft IE OnMove释放后重用远程代码执行漏洞
新增: 22467 Microsoft IE事件监听器释放后重用远程代码执行漏洞
新增: 22468 Microsoft IE布局释放后重用远程代码执行漏洞
新增: 22469 Microsoft IE cloneNode释放后重用远程代码执行漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
New: 22466 Microsoft Internet Explorer 8 and 9 OnMove Use After Free Remote Code Execution Vulnerability
New: 22467 Microsoft Internet Explorer 8 and 9 Event Listener Use After Free Remote Code Execution Vulnerability
New: 22468 Microsoft Internet Explorer 8 and 9 Layout Use After Free Remote Code Execution Vulnerability
New: 22469 Microsoft Internet Explorer 8 and 9 cloneNode Use After Free Remote Code Execution Vulnerability
|
| 发布时间:2012-10-04 08:41:20 |
| 名称:
eoi.unify.rulepatch.5.6.7.274.rule
|
版本:5.6.7.274 |
| MD5:dece6ba82475c89fd3af7e056aad6dc8 |
大小:5.72M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 22470 phpMyAdmin server_sync.php 远程后门漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
New: 22470 phpMyAdmin server_sync.php remote backdoor vulnerability
|
| 发布时间:2012-09-26 18:55:08 |
| 名称:
eoi.unify.rulepatch.5.6.7.271.rule
|
版本:5.6.7.271 |
| MD5:38094100e8e5503ce7eb3bef3e76d5c4 |
大小:5.71M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 22463 Microsoft IE 6/7/8/9 execCommand函数远程代码执行漏洞
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
New: 22463 Microsoft IE 6/7/8/9 execCommand function Remote Execution
|
| 发布时间:2012-09-18 17:57:06 |
| 名称:
eoi.unify.rulepatch.5.6.7.269.rule
|
版本:5.6.7.269 |
| MD5:390dc24add970a52633b4ba362bc0683 |
大小:5.36M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 22452 CVE-2012-2536 Microsoft System Center Configuration Manager反射型跨站脚本漏洞(MS12-062)
新增: 22453 CVE-2012-1892 Microsoft Visual Studio Team Foundation Server跨站脚本漏洞(MS12-061)
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
New: 22452 CVE-2012-2536 Microsoft System Center Configuration Manager Reflected XSS Vulnerability(MS12-062)
New: 22453 CVE-2012-1892 Microsoft Visual Studio Team Foundation Server XSS Vulnerability(MS12-061)
|
| 发布时间:2012-09-12 14:58:49 |
| 名称:
eoi.unify.rulepatch.5.6.7.267.rule
|
版本:5.6.7.267 |
| MD5:ab80a71051a2cd6586b12c2a05cbd16b |
大小:5.36M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 50460 远程控制工具TeamViewer连接
新增: 22401 MODBUS TCP-强制监听模式
新增: 22402 MODBUS TCP-功能代码扫描
新增: 22403 MODBUS TCP-点列表扫描
新增: 22404 MODBUS TCP-应答异常代码延迟
新增: 22405 HTTP蠕虫熊猫烧香下载恶意代码
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Import rules upgrade package need to import 5.6.7.39 engine upgrade package,Signature Set Update:
New: 50460 Remote Control Tool TeamViewer Connection
New: 22401 Modbus TCP Force Listen Only Mode
New: 22402 Modbus TCP Function Code Scan
New: 22403 Modbus TCP Points List Scan
New: 22404 Modbus TCP Acknowledge Exception Code Delay
New: 22405 HTTP Worm Panda Burn Incense download malicious code
|
| 发布时间:2012-09-06 17:44:53 |
| 名称:
eoi.unify.rulepatch.5.6.7.266.rule
|
版本:5.6.7.266 |
| MD5:ea1bdca5ea4940078b59c73d62ca488a |
大小:5.36M |
描述:
绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:
新增: 22431 Java 7 Applet远程代码执行漏洞
新增: 22432 Apache Struts2 Skill名称远程代码执行漏洞
新增: 50459 DNS隧道攻击工具NSTX连接
NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:
New: 22431 Java 7 Applet Remote Code Execution Vulnerability
New: 22432 Apache Struts2 Skill Name Remote Code Execution Vulnerability
New: 50459 DNS tunnel attack tool NSTX connect
|
| 发布时间:2012-08-28 18:30:40 |
| 名称:
eoi.unify.rulepatch.5.6.7.265.rule
|
版本:5.6.7.265 |
| MD5:81fa54fcd576f205be93b33301c251e6 |
大小:5.34M |
描述:
新增: 22416 Symantec Web Gateway 5.0.2.18 pbcontrol.php代码注入漏洞
新增: 22417 Zenoss 3 showDaemonXMLConfig代码执行漏洞
新增: 22418 CuteFlow v2.11.2任意文件上传漏洞
新增: 22419 WebPageTest任意PHP文件上传漏洞
新增: 22420 EGallery PHP文件上传漏洞
新增: 22421 Cisco Linksys PlayerPT ActiveX控件缓冲区溢出漏洞
新增: 22422 Cisco Linksys PlayerPT ActiveX Control SetSource sURL参数缓冲区溢出漏洞
新增: 22423 Dell SonicWALL (Plixer) Scrutinizer 9 SQL注入漏洞
新增: 22424 Simple Web Server Connection Header缓冲区溢出漏洞
新增: 22425 Microsoft Office SharePoint Server 2007远程代码执行漏洞
新增: 22426 Novell ZENworks Configuration Management Preboot Service 0x21缓冲区溢出漏洞
新增: 22427 Novell ZENworks Configuration Management Preboot Service 0x4c缓冲区溢出漏洞
新增: 22428 Novell ZENworks Configuration Management Preboot Service 0x06缓冲区溢出漏洞
新增: 22429 Novell ZENworks Configuration Management Preboot Service 0x6c缓冲区溢出漏洞
新增: 22353 Citect SCADA ODBC服务器远程栈溢出漏洞
新增: 22354 RealWin SCADA服务器远程栈溢出漏洞
新增: 22355 Winlog Pro畸形报文栈缓冲区溢出漏洞
新增: 22356 WonderWare SuiteLink slssvc.exe远程拒绝服务漏洞
新增: 22357 ClearSCADA堆溢出漏洞
新增: 22358 Invensys Wonderware InBatch lm_tcp服务缓冲区溢出漏洞
新增: 22359 Ecava IntegraXor目录遍历漏洞
新增: 22360 RealWin特制报文处理多个栈溢出漏洞
新增: 22361 Intellicom HMS HICP协议Hostname字段缓冲区溢出漏洞
新增: 22362 WellinTech KingView HistorySvr.exe堆缓冲区溢出漏洞
新增: 22363 NetBiter webSCADA目录遍历漏洞
新增: 22364 VxWorks信息泄露漏洞
新增: 22365 Automated Solutions Modbus/TCP Master OPC Server堆缓冲区溢出漏洞
新增: 22366 IGSS SCADA系统目录遍历和下载漏洞
新增: 22367 IGSS SCADA系统目录遍历上传和覆盖漏洞
新增: 22368 IGSS SCADA ListAll Function缓冲区溢出漏洞
新增: 22369 IGSS SCADA Write File Function缓冲区溢出漏洞
新增: 22370 IGSS SCADA ReadFile Function缓冲区溢出漏洞
新增: 22371 IGSS SCADA Delete Function缓冲区溢出漏洞
新增: 22372 IGSS SCADA RenameFile Function缓冲区溢出漏洞
新增: 22374 IGSS SCADA FileInfo Function缓冲区溢出漏洞
新增: 22375 IGSS SCADA RMS Report Add Command缓冲区溢出漏洞
新增: 22376 IGSS SCADA RMS Report Template ReadFile Command缓冲区溢出漏洞
新增: 22377 IGSS SCADA RMS Report Template WriteFile Command缓冲区溢出漏洞
新增: 22378 IGSS SCADA RMS Report Template Rename Command缓冲区溢出漏洞
新增: 22379 IGSS SCADA RMS Report Template Delete Command缓冲区溢出漏洞
新增: 22380 IGSS SCADA STDREP Request缓冲区溢出漏洞
新增: 22382 RealFlex RealWin SCADA SCPC_TXTEVENT strcpy()缓冲区溢出漏洞
新增: 22381 IGSS SCADA dc.exe Server目录遍历任意文件执行漏洞
新增: 22384 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CADDTAG缓冲区溢出漏洞
新增: 22385 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CDELTAG缓冲区溢出漏洞
新增: 22386 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_ADDTAGMS缓冲区溢出漏洞
新增: 22387 RealFlex RealWin SCADA On_FC_RFUSER_FCS_LOGIN缓冲区溢出漏洞
新增: 22388 RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE缓冲区溢出漏洞
新增: 22389 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGBROADCAST缓冲区溢出漏洞
新增: 22390 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGSEND缓冲区溢出漏洞
新增: 22392 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY缓冲区溢出漏洞
新增: 22391 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETTELEMETRY缓冲区溢出漏洞
新增: 22393 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETTELEMETRY缓冲区溢出漏洞
新增: 22394 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY缓冲区溢出漏洞
新增: 22395 RealFlex RealWin SCADA On_FC_SCRIPT_FCS_STARTPROG缓冲区溢出漏洞
新增: 22396 Iconics Genesis SCADA释放未初始化的内存触发选项漏洞
新增: 22397 Iconics Genesis SCADA整数溢出漏洞
新增: 22398 Siemens Tecnomatix FactoryLink CSService CSMSG filter缓冲区溢出漏洞
新增: 22399 Siemens Tecnomatix FactoryLink CSService GetFile path缓冲区溢出漏洞
新增: 22400 Siemens Tecnomatix FactoryLink CSService GetFileInfo path缓冲区溢出漏洞
新增: 22383 RealFlex RealWin SCADA On_FC_CONNECT_FCS_LOGIN缓冲区溢出漏洞
New: 22416 Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection Vulnerability
New: 22417 Zenoss 3 showDaemonXMLConfig Command Execution Vulnerability
New: 22418 CuteFlow v2.11.2 Arbitrary File Upload Vulnerability
New: 22419 WebPageTest Arbitrary PHP File Upload Vulnerability
New: 22420 EGallery PHP File Upload Vulnerability
New: 22421 Cisco Linksys PlayerPT ActiveX Control Buffer Overflow Vulnerability
New: 22422 Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow Vulnerability
New: 22423 Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection Vulnerability
New: 22424 Simple Web Server Connection Header Buffer Overflow Vulnerability
New: 22425 Microsoft Office SharePoint Server 2007 Remote Code Execution Vulnerability
New: 22426 Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow Vulnerability
New: 22427 Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow Vulnerability
New: 22428 Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow Vulnerability
New: 22429 Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow Vulnerability
New: 22353 Citect SCADA ODBC Server Remote Stack Overflow Vulnerability Vulnerability
New: 22354 RealWin SCADA Server Remote Stack Overflow Vulnerability Vulnerability
New: 22355 Winlog Pro Malformed Packets Stack Buffer Overflow Vulnerability Vulnerability
New: 22356 WonderWare SuiteLink slssvc.exe Remote Denial of Service Vulnerability Vulnerability
New: 22357 ClearSCADA Heap Overflow Vulnerability Vulnerability
New: 22358 Invensys Wonderware InBatch lm_tcp Service Buffer Overflow Vulnerability Vulnerability
New: 22359 Ecava IntegraXor Directory Traversal Vulnerability Vulnerability
New: 22360 RealWin Specially Crafted Packet Processing Stack Overflow Vulnerability Vulnerability
New: 22361 Intellicom HMS HICP Agreement Hostname Field Buffer Overflow Vulnerability Vulnerability
New: 22362 WellinTech KingView HistorySvr.exe Heap Buffer Overflow Vulnerability Vulnerability
New: 22363 NetBiter webSCADA Directory Traversal Vulnerability Vulnerability
New: 22364 VxWorks Information Disclosure Vulnerability Vulnerability
New: 22365 Automated Solutions Modbus/TCP Master OPC Server Heap Buffer Overflow Vulnerability Vulnerability
New: 22366 IGSS SCADA System Directory Traversal and Download Vulnerability Vulnerability
New: 22367 IGSS SCADA System Directory Traversal Upload and Overwrite Vulnerability Vulnerability
New: 22368 IGSS SCADA ListAll Function Buffer Overflow Vulnerability Vulnerability
New: 22369 IGSS SCADA Write File Function Buffer Overflow Vulnerability Vulnerability
New: 22370 IGSS SCADA ReadFile Function Buffer Overflow Vulnerability Vulnerability
New: 22371 IGSS SCADA Delete Function Buffer Overflow Vulnerability Vulnerability
New: 22372 IGSS SCADA RenameFile Function Buffer Overflow Vulnerability Vulnerability
New: 22374 IGSS SCADA FileInfo Function Buffer Overflow Vulnerability Vulnerability
New: 22375 IGSS SCADA RMS Report Add Command Buffer Overflow Vulnerability Vulnerability
New: 22376 IGSS SCADA RMS Report Template ReadFile Command Buffer Overflow Vulnerability Vulnerability
New: 22377 IGSS SCADA RMS Report Template WriteFile Command Buffer Overflow Vulnerability Vulnerability
New: 22378 IGSS SCADA RMS Report Template Rename Command Buffer Overflow Vulnerability Vulnerability
New: 22379 IGSS SCADA RMS Report Template Delete Command Buffer Overflow Vulnerability Vulnerability
New: 22380 IGSS SCADA STDREP Request Buffer Overflow Vulnerability Vulnerability
New: 22382 RealFlex RealWin SCADA SCPC_TXTEVENT strcpy() Buffer Overflow Vulnerability Vulnerability
New: 22381 IGSS SCADA dc.exe Server Directory Traversal Arbitrary File Execution Vulnerability Vulnerability
New: 22384 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CADDTAG Buffer Overflow Vulnerability Vulnerability
New: 22385 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CDELTAG Buffer Overflow Vulnerability Vulnerability
New: 22386 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_ADDTAGMS Buffer Overflow Vulnerability Vulnerability
New: 22387 RealFlex RealWin SCADA On_FC_RFUSER_FCS_LOGIN Buffer Overflow Vulnerability Vulnerability
New: 22388 RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE Buffer Overflow Vulnerability Vulnerability
New: 22389 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGBROADCAST Buffer Overflow Vulnerability Vulnerability
New: 22390 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGSEND Buffer Overflow Vulnerability Vulnerability
New: 22392 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY Buffer Overflow Vulnerability Vulnerability
New: 22391 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETTELEMETRY Buffer Overflow Vulnerability Vulnerability
New: 22393 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETTELEMETRY Buffer Overflow Vulnerability Vulnerability
New: 22394 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY Buffer Overflow Vulnerability Vulnerability
New: 22395 RealFlex RealWin SCADA On_FC_SCRIPT_FCS_STARTPROG Buffer Overflow Vulnerability Vulnerability
New: 22396 Iconics Genesis SCADA Freeing of Unitialized Memory Trigger Option Vulnerability Vulnerability
New: 22397 Iconics Genesis SCADA Integer Overflow Vulnerability Vulnerability
New: 22398 Siemens Tecnomatix FactoryLink CSService CSMSG filter Buffer Overflow Vulnerability Vulnerability
New: 22399 Siemens Tecnomatix FactoryLink CSService GetFile path Buffer Overflow Vulnerability Vulnerability
New: 22400 Siemens Tecnomatix FactoryLink CSService GetFileInfo path Buffer Overflow Vulnerability Vulnerability
New: 22383 RealFlex RealWin SCADA On_FC_CONNECT_FCS_LOGIN Buffer Overflow Vulnerability Vulnerability |
| 发布时间:2012-08-23 18:38:58 |
| 名称:
eoi.unify.rulepatch.5.6.7.264.rule
|
版本:5.6.7.264 |
| MD5:93539012e6daebd5f8a0b8eb696b2243 |
大小:5.33M |
描述:
新增: 22343 CVE-2012-1526 Microsoft Internet Explorer Layout内存破坏漏洞(MS12-052)
新增: 22344 CVE-2012-1850 Windows Networking Components远程管理协议拒绝服务漏洞(MS12-054)
新增: 22345 CVE-2012-1851 Windows Networking Components Print Spooler服务格式化串漏洞(MS12-054)
新增: 22346 CVE-2012-1852 Windows Networking Components远程管理协议堆溢出漏洞(MS12-054)
新增: 22347 CVE-2012-1853 Windows Networking Components远程管理协议栈溢出漏洞(MS12-054)
新增: 22348 CVE-2012-2521 Microsoft Internet Explorer Asynchronous NULL Object Access远程代码执行漏洞(MS12-052)
新增: 22349 CVE-2012-2522 Microsoft Internet Explorer Virtual Function Table Corruption远程代码执行漏洞(MS12-052)
新增: 22350 CVE-2012-2523 Microsoft Internet Explorer JavaScript 整数溢出远程代码执行漏洞(MS12-052)
新增: 22351 CVE-2012-2526 Microsoft远程桌面协议漏洞(MS12-053)
新增: 22352 CVE-2012-1889 MSXML未初始化内存破坏漏洞(MS12-043)
新增: 30577 pcAnywhere登录扫描
新增: 22329 S40 0.4.2 CMS目录遍历漏洞
新增: 22330 Log1 CMS writeInfo() PHP代码注入漏洞
新增: 22331 PHP Volunteer Management System v1.0.2任意文件上传漏洞
新增: 22332 Apache Struts远程命令执行漏洞
新增: 22333 GIMP script-fu Server缓冲区溢出漏洞
新增: 22334 Symantec Web Gateway 5.0.2.8 relfile文件包含漏洞
新增: 22335 WeBid converter.php远程PHP代码注入漏洞
新增: 22336 appRain CMF Arbitrary PHP文件上传漏洞
新增: 22337 Lattice Semiconductor ispVM System XCF文件处理泄露漏洞
新增: 22338 MPlayer SAMI Subtitle文件缓冲区溢出漏洞
新增: 22339 OpenOffice OLE Importer DocumentSummaryInformation Stream处理溢出漏洞
新增: 22340 QuickShare File Server 1.2.1目录遍历漏洞
新增: 22341 RabidHamster R4 Log Entry sprintf()缓冲区溢出漏洞
New: 22343 CVE-2012-1526 Microsoft Internet Explorer Layout Memory Corruption Vulnerability(MS12-052)
New: 22344 CVE-2012-1850 Windows Networking Components Remote Administration Protocol Denial of Service Vulnerability(MS12-054)
New: 22345 CVE-2012-1851 Windows Networking Components Print Spooler Service Format String Vulnerability(MS12-054)
New: 22346 CVE-2012-1852 Windows Networking Components Remote Administration Protocol Heap Overflow Vulnerability(MS12-054)
New: 22347 CVE-2012-1853 Windows Networking Components Remote Administration Protocol Stack Overflow Vulnerability(MS12-054)
New: 22348 CVE-2012-2521 Microsoft Internet Explorer Asynchronous NULL Object Access Remote Code Execution Vulnerability(MS12-052)
New: 22349 CVE-2012-2522 Microsoft Internet Explorer Virtual Function Table Corruption Remote Code Execution Vulnerability(MS12-052)
New: 22350 CVE-2012-2523 Microsoft Internet Explorer JavaScript Integer Overflow Remote Code Execution Vulnerability(MS12-052)
New: 22351 CVE-2012-2526 Microsoft Remote Desktop Protocol Vulnerability(MS12-053)
New: 22352 CVE-2012-1889 MSXML Uninitialized Memory Corruption Vulnerability(MS12-043)
New: 30577 pcAnywhere Login Scanner
New: 22329 S40 0.4.2 CMS Directory Traversal Vulnerability
New: 22330 Log1 CMS writeInfo() PHP Code Injection Vulnerability
New: 22331 PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability
New: 22332 Apache Struts Remote Command Execution Vulnerability
New: 22333 GIMP script-fu Server Buffer Overflow Vulnerability
New: 22334 Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability
New: 22335 WeBid converter.php Remote PHP Code Injection Vulnerability
New: 22336 appRain CMF Arbitrary PHP File Upload Vulnerability
New: 22337 Lattice Semiconductor ispVM System XCF File Handling Overflow Vulnerability
New: 22338 MPlayer SAMI Subtitle File Buffer Overflow Vulnerability
New: 22339 OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow Vulnerability
New: 22340 QuickShare File Server 1.2.1 Directory Traversal Vulnerability
New: 22341 RabidHamster R4 Log Entry sprintf() Buffer Overflow Vulnerability
|
| 发布时间:2012-08-17 19:54:48 |
|
|
|
|
|
