首页-> 服务与支持-> 客户支持-> 售后服务

服务与支持

网络入侵防护系统(IPS)规则5.6.7 升级包列表

名称: eoi.unify.rulepatch.5.6.7.515.rule 版本:5.6.7.515
MD5:55ad828e76972811096ce1318f93ec83 大小:11.58M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.515。

该升级包新增/改进的规则有:
新增:23492 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1767)
新增:23493 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2401)
新增:23494 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2406)
新增:23495 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2383)(MS15-065)
新增:23496 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2389)(MS15-065)
新增:23497 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2404)(MS15-065)
新增:23498 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2408)(MS15-065)
新增:23499 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-2422)(MS15-065)
新增:41216 P.O.exe账户大盗木马连接服务器

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added:23492 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1767)
Added:23493 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2401)
Added:23494 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2406)
Added:23495 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2383)(MS15-065)
Added:23496 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2389)(MS15-065)
Added:23497 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2404)(MS15-065)
Added:23498 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2408)(MS15-065)
Added:23499 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-2422)(MS15-065)
Added:41216 P.O.exe steal account Trojan server connection

发布时间:2015-07-30 17:36:54
名称: eoi.unify.rulepatch.5.6.7.514.rule 版本:5.6.7.514
MD5:b4bd755eece46f537fa68cc5a141360e 大小:11.57M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.514。

该升级包新增/改进的规则有:
新增:23490 Western Digital Arkeia远程代码执行漏洞
新增:41213 StartDownload.exe木马下载器连接服务器wiseinstaller信息收集
新增:41214 StartDownload.exe木马下载器连接服务器amazonaws下载恶意文件
新增:41215 StartDownload.exe木马下载器连接服务器mediaconfig状态监控

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added:23490 Western Digital Arkeia Remote Code Execution
Added:41213 StartDownload.exe Trojan downloader wiseinstaller server connection information collection
Added:41214 StartDownload.exe Trojan downloader amazonaws server connection download malicious files
Added:41215 StartDownload.exe Trojan downloader mediaconfig server connection status monitoring

发布时间:2015-07-23 14:58:03
名称: eoi.unify.rulepatch.5.6.7.513.rule 版本:5.6.7.513
MD5:5fa2d846315dd23ea965fcde24cd7e24 大小:11.55M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.513。

该升级包新增/改进的规则有:
新增:23488 AirLive IP监控相机命令注入漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added:23488 AirLive IP Surveillance Cameras Command Injection Vulnerability

发布时间:2015-07-16 16:12:39
名称: eoi.unify.rulepatch.5.6.7.512.rule 版本:5.6.7.512
MD5:66a9034d12421e695658bc7598291e84 大小:11.54M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.512。

该升级包新增/改进的规则有:
新增: 23489 Adobe Flash可疑0Day漏洞利用

注意事项:
1. 新增规则23489是针对Adobe Flash 0Day漏洞的缓解措施,默认不启用,用户可根据实际情况手动启用;
2. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23489 Adobe Flash Suspicious 0Day Vulnerability Exploition

发布时间:2015-07-10 12:58:08
名称: eoi.unify.rulepatch.5.6.7.511.rule 版本:5.6.7.511
MD5:eb08ac9fbbcaca814b52746b022ce811 大小:11.54M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.511。

该升级包新增/改进的规则有:
新增: 23487 WordPress Plugin DZS Video Gallery 3.1.3 - 远程和本地文件泄露漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23487 WordPress Plugin DZS Video Gallery 3.1.3 - Remote and Local File Disclosure Vulnerability

发布时间:2015-07-09 14:43:44
名称: eoi.unify.rulepatch.5.6.7.509.rule 版本:5.6.7.509
MD5:98c7138345d4e980672008155ca4b966 大小:11.56M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.509。

该升级包新增/改进的规则有:
新增: 23485 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1741)(MS15-056)
新增: 23486 WordPress Persuasion Theme 2.x - 任意文件下载和文件删除

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23485 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1741)(MS15-056)
Added: 23486 WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion

发布时间:2015-07-02 17:45:45
名称: eoi.unify.rulepatch.5.6.7.508.rule 版本:5.6.7.508
MD5:9599a56876cbd8746bb04f2d37bcb8ae 大小:11.57M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.508。

该升级包新增/改进的规则有:

新增: 41210 DDoS木马后门Linux.Mayday.f变种程序连接服务器
新增: 23483 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1752)(MS15-056)
新增: 23482 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1735)(MS15-056)
新增: 23481 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1742)(MS15-056)
新增: 23480 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1736)(MS15-056)
新增: 23479 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1687)(MS15-056)
新增: 23478 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1750)(MS15-056)
新增: 23477 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1740)(MS15-056)
新增: 23476 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1732)(MS15-056)
新增: 23475 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1745)(MS15-056)
新增: 23474 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1744)(MS15-056)
新增: 23472 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1731)(MS15-056)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:

Added: 41210 DDoS Trojan Linux.Mayday.f Variant Program Connecting Server
Added: 23483 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1752)(MS15-056)
Added: 23482 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1735)(MS15-056)
Added: 23481 Microsoft Internet Explorer CVE-2015-1742 Remote Memory Corruption Vulnerability
Added: 23480 Microsoft Internet Explorer CVE-2015-1736 Remote Memory Corruption Vulnerability
Added: 23479 Microsoft Internet Explorer CVE-2015-1687 Remote Memory Corruption Vulnerability
Added: 23478 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1750)(MS15-056)
Added: 23477 Microsoft Internet Explorer Remote Memory Corruption Vulnerability
Added: 23476 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1732)(MS15-056)
Added: 23475 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1745)(MS15-056)
Added: 23474 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1744)(MS15-056)
Added: 23472 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1731)(MS15-056)

发布时间:2015-06-25 15:47:46
名称: eoi.unify.rulepatch.5.6.7.507.rule 版本:5.6.7.507
MD5:a630003263fe60de2bfcb63a1e05493c 大小:11.56M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.105上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.507。

该升级包新增/改进的规则有:
修改: 41209 海莲花(OceanLotus)特种木马连接服务器

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.105.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 41209 Special Trojan OceanLotus Connecting Server

发布时间:2015-06-18 16:01:56
名称: eoi.unify.rulepatch.5.6.7.506.rule 版本:5.6.7.506
MD5:30077ab3bedc38cf610c80a80ebe4d05 大小:11.55M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.104上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.506。

该升级包新增/改进的规则有:
新增: 41209 海莲花(OceanLotus)特种木马连接服务器

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.104.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 41209 Special Trojan OceanLotus Connecting Server

发布时间:2015-06-12 10:51:45
名称: eoi.unify.rulepatch.5.6.7.505.rule 版本:5.6.7.505
MD5:354eeace6d74a9a841e07c602bfc5828 大小:11.56M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.104上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.505。

该升级包新增/改进的规则有:
修改: 21462 SMB服务远程代码执行攻击漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.104.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 21462 SMB Service Remote Code Execution Vulnerability

发布时间:2015-06-11 15:02:01
名称: eoi.unify.rulepatch.5.6.7.504.rule 版本:5.6.7.504
MD5:fd9296d57a3e0dfcca695fa44c647dc0 大小:12.49M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.104上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.504。

该升级包新增/改进的规则有:
修改:29002 Web服务远程跨站脚本执行攻击

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;


NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.104.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified:29002 Web Service Remote Cross-Site Scripting

发布时间:2015-06-06 08:53:43
名称: eoi.unify.rulepatch.5.6.7.503.rule 版本:5.6.7.503
MD5:2f46defdfed25c3c8e3ec923e0e0eaaf 大小:11.56M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.104上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.503。

该升级包新增/改进的规则有:
新增: 23447 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1658)(MS15-043)
新增: 23449 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1689)(MS15-043)
新增: 23450 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1708)(MS15-043)
新增: 23451 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-1710)(MS15-043)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.104.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23447 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1658)(MS15-043)
Added: 23449 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1689)(MS15-043)
Added: 23450 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1708)(MS15-043)
Added: 23451 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1712)(MS15-043)

发布时间:2015-05-28 14:54:46
名称: eoi.unify.rulepatch.5.6.7.502.rule 版本:5.6.7.502
MD5:f9d01ee7f78b48d3446854268b14e23a 大小:11.52M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.502。

该升级包新增/改进的规则有:
新增: 23445 Microsoft Internet Explorer ASLR安全限制绕过漏洞(CVE-2015-1685)(MS15-043)
新增: 23446 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1709)(MS15-043)
新增: 23448 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1711)(MS15-043)
修改: 10398 PHP multipart/form-data 远程DOS漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23443 Xeams /FrontController CSRF Vulnerability
Added: 23445 Microsoft Internet Explorer ASLR Security Bypass Vulnerability(CVE-2015-1685)(MS15-043)
Added: 23446 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1709)(MS15-043)
Added: 23448 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2015-1711)(MS15-043)
Modiffied: 10398 PHP multipart / form-data remote DOS Vulnerability

发布时间:2015-05-21 16:36:00
名称: eoi.unify.rulepatch.5.6.7.501.rule 版本:5.6.7.501
MD5:3f59d913491d160322de3e2809faa3d8 大小:12.49M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.501。

该升级包新增/改进的规则有:
新增: 23453 Microsoft Internet Explorer 远程内存破坏漏洞(CVE-2015-1705)
新增: 23454 Microsoft Internet Explorer 远程内存破坏漏洞(CVE-2015-1718)
新增: 23444 SixApart MovableType Storable Perl 代码执行漏洞
新增: 23442 D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) 存储型XSS漏洞
新增: 23441 D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) 存储型XSS漏洞
新增: 23440 WordPress RevSlider文件上传和执行漏洞
新增: 23439 elFinder 2 远程命令执行(Via File Creation) 漏洞
新增: 10398 PHP multipart/form-data 远程DOS漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;


NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23453 Microsoft Internet Explorer Remote Memory Corruption Vulnerability( CVE-2015-1705)
Added: 23454 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2015-1718)
Added: 23444 SixApart MovableType Storable Perl Code Execution
Added: 23442 D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Stored XSS
Added: 23441 D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Stored XSS
Added: 23440 WordPress RevSlider File Upload and Execute Vulnerability
Added: 23439 elFinder 2 Remote Command Execution (Via File Creation) Vulnerability
Added: 10398 PHP multipart / form-data remote DOS Vulnerability

发布时间:2015-05-17 12:21:55
名称: eoi.unify.rulepatch.5.6.7.500.rule 版本:5.6.7.500
MD5:85b670078ae051b9083348cce2ffc463 大小:12.47M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则

版本变为5.6.7.500。

该升级包新增/改进的规则有:
新增: 23436 Synology DiskStation Manager FileBrowser 组件目录遍历漏洞
新增: 23437 WordPress MiwoFTP Plugin <= 1.0.5 任意文件下载漏洞
新增: 23438 WordPress默认主题DOM XSS(跨站脚本)漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;





NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is

imported,engine will restart automatically .

List of added or modified signatures:
Added: 23436 Synology DiskStation Manager FileBrowser Component Multiple Directory Traversal Vulnerabilities
Added: 23437 WordPress MiwoFTP Plugin <= 1.0.5 Arbitrary File Download
Added: 23438 Jetpack and Twenty Fifteen Vulnerable to DOM-Based XSS

发布时间:2015-05-14 15:03:52
名称: eoi.unify.rulepatch.5.6.7.499.rule 版本:5.6.7.499
MD5:b47bce5fc3a34f7e973b1e9c76c0bcb6 大小:11.48M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.499。

该升级包新增/改进的规则有:
新增: 23427 Legend Perl IRC Bot远程代码执行漏洞
新增: 23426 Allegro RomPager HTTP Cookie处理安全限制绕过漏洞(CVE-2014-9222)
新增: 23425 WebUI 1.5b6远程代码执行漏洞
新增: 23424 Ubiquiti airCam RTSP服务远程缓冲区溢出漏洞
新增: 23423 Open-Letters Remote PHP代码注入漏洞
新增: 23422 Wolf CMS 0.8.2 任意文件上传漏洞
新增: 23421 WordPress Creative Contact Form上传漏洞
新增: 23420 WordPress Work The Flow上传漏洞
新增: 30672 Sixnet Sixview Web控制台目录遍历漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23427 Legend Perl IRC Bot Remote Code Execution Vulnerability
Added: 23426 Allegro Software RomPager 'Fortune Cookie' Unspecified HTTP Authentication Bypass (CVE-2014-9222)
Added: 23425 WebUI 1.5b6 - Remote Code Execution Vulnerability
Added: 23424 Ubiquiti airCam RTSP Service Buffer Overflow Vulnerability
Added: 23423 Open-Letters Remote PHP Code Injection Vulnerability
Added: 23422 Wolf CMS 0.8.2 Arbitrary File Upload Exploit
Added: 23421 WordPress Creative Contact Form Upload Vulnerability
Added: 23420 WordPress Work The Flow Upload Vulnerability
Added: 30672 Sixnet Sixview Web Server Directory Traversal Vulnerability

发布时间:2015-05-07 16:42:47
名称: eoi.unify.rulepatch.5.6.7.498.rule 版本:5.6.7.498
MD5:e01a5901f18253254d61dc1b6aa803ce 大小:12.44M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.498。

该升级包新增/改进的规则有:
新增: 23411 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1660)(MS15-032)
新增: 23412 D-Link/TRENDnet路由器远程命令执行漏洞
新增: 23413 WordPress Slideshow Gallery 1.4.6 Shell 上传漏洞 (CVE-2014-5460)
新增: 23414 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1665)(MS15-032)
新增: 23415 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1667)(MS15-032)
新增: 23416 WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell上传漏洞
新增: 23417 ProFTPd 1.3.5远程命令执行
新增: 23418 WordPress Reflex Gallery 上传漏洞
新增: 23419 CUPS kerberos参数跨站脚本漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23411 Microsoft Internet Explorer CVE-2015-1660 Remote Memory Corruption Vulnerability
Added: 23412 D-Link/TRENDnet NCC Service Command Injection
Added: 23413 WordPress Slideshow Gallery 1.4.6 Shell Upload Vulnerability (CVE-2014-5460)
Added: 23414 Microsoft Internet Explorer CVE-2015-1665 Remote Memory Corruption Vulnerability
Added: 23415 Microsoft Internet Explorer CVE-2015-1667 Remote Memory Corruption Vulnerability
Added: 23416 WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability
Added: 23417 ProFTPd 1.3.5 Remote Command Execution
Added: 23418 WordPress Reflex Gallery Upload Vulnerability
Added: 23419 CUPS kerberos Parameter XSS Attack Vulnerability

发布时间:2015-04-30 14:40:44
名称: eoi.unify.rulepatch.5.6.7.497.rule 版本:5.6.7.497
MD5:215fffe34258024798a30d1303e2f2e5 大小:12.42M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.497。

该升级包新增/改进的规则有:
新增: 23410 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1657)(MS15-032)
新增: 23409 Microsoft Internet Explorer内存破坏漏洞(CVE-2015-1652)(MS15-032)
新增: 23404 JBoss AS versions 3, 4, 5, 6 远程命令执行
新增: 23403 SolarWinds Firewall Security Manager 远程代码执行漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23410 Microsoft Internet Explorer CVE-2015-1657 Remote Memory Corruption Vulnerability
Added: 23409 Microsoft Internet Explorer CVE-2015-1652 Remote Memory Corruption Vulnerability
Added: 23404 JBoss AS versions 3, 4, 5, 6 - Remote Command Execution
Added: 23403 SolarWinds Firewall Security Manager Remote Code Execution Vulnerability

发布时间:2015-04-23 16:36:16
名称: eoi.unify.rulepatch.5.6.7.496.rule 版本:5.6.7.496
MD5:45511ab5a1b9f746f2a91e3dbac53e2a 大小:12.39M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.496。

该升级包新增/改进的规则有:
新增: 41207 Ericsson Drutt Mobile Service Delivery Platform 开放重定向漏洞
新增: 23401 ZENworks Configuration Management 远程命令执行和目录遍历漏洞
新增: 23397 JBoss Seam参数化EL表达式远程代码执行和任意文件上传漏洞
新增: 23398 Airties Air5650v3TT路由器栈缓冲区远程溢出漏洞
修改: 41074 TP-Link路由器固件未授权下载口令泄露漏洞
新增: 23396 TFTP Server Read Request远程缓冲区溢出漏洞
新增: 23408 Microsoft Windows HTTP.sys远程代码执行漏洞(CVE-2015-1635)(MS15-034)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 41207 Ericsson Drutt MSDP (3PI Manager) Open Redirect
Added: 23401 ZENworks Configuration Management Remote Code Execution/Directory Traversal
Added: 23397 JBoss Seam Expression Language Remote Code Execution and Arbitrary File Upload
Added: 23398 Airties Air5650v3TT Remote Stack Overflow
Modiffied: 41074 TP-Link Router Firmware Unauthorized Download Password Discloure
Added: 23396 TFTP Server Read Request Remote Buffer Overflow Vulnerability
Added: 23408 Microsoft Windows HTTP.sys Remote Code Execution Vulnerability(CVE-2015-1635)(MS15-034)

发布时间:2015-04-16 11:04:59
名称: eoi.unify.rulepatch.5.6.7.494.rule 版本:5.6.7.494
MD5:64970909ce322418def9af88c98fe6bd 大小:12.37M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.103上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.494。


该升级包新增/改进的规则有:
新增: 30669 WordPress Slider Revolution Responsive插件任意文件下载漏洞
新增: 23390 WebGate Control Center 4.8.7 GetThumbnail栈溢出漏洞
新增: 30670 Wordpress aspose-doc-exporter插件任意文件下载漏洞
新增: 23389 WebGate eDVR Manager 2.6.4 SiteName栈溢出漏洞
新增: 23387 fSense 2.2 多个XSS漏洞
新增: 23391 WebGate WinRDS 2.0.8 StopSiteAllChannel栈溢出漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine 5.6.7.103.This is a total upgrade package. After upgrade package is imported,engine will restart automatically.

List of added or modified signatures:

Added: 30669 WordPress Slider Revolution Responsive Plugin Arbitrary File Download Vulnerability
Added: 23390 WebGate Control Center 4.8.7 GetThumbnail Stack Overflow
Added: 30670 Wordpress aspose-doc-exporter Plugin Arbitrary File Download Vulnerability
Added: 23389 WebGate eDVR Manager 2.6.4 SiteName Stack Overflow
Added: 23387 fSense 2.2 multiple XSS vulnerabilities
Added: 23391 WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow

发布时间:2015-04-09 17:15:32
名称: eoi.unify.rulepatch.5.6.7.493.rule 版本:5.6.7.493
MD5:9a74710c0ef8f59764fb2123e96716c7 大小:11.39M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.493。

该升级包新增/改进的规则有:
新增: 23385 WP Marketplace 远程命令执行漏洞
新增: 23386 WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 LoadImageEx Stack 缓冲区溢出远程代码执行漏洞
新增: 23384 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-0052)(MS15-009)
新增: 30668 EMC Watch4Net和ViPR SRM 目录遍历漏洞
新增: 23382 Microsoft Internet Explorer ASLR安全限制绕过漏洞(CVE-2015-0069)(MS15-009)
新增: 23380 ManageEngine DeviceExpert跨站请求伪造漏洞
新增: 23381 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2015-0053)(MS15-009)
新增: 23379 Microsoft Internet Explorer ASLR安全限制绕过漏洞(CVE-2015-0051)(MS15-009)


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23385 WP Marketplace Remote Code Execution
Added: 23386 WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 LoadImageEx Stack Buffer Overflow Remote Code Execution Vulnerability
Added: 23384 Microsoft Internet Explorer CVE-2015-0052 Remote Memory Corruption Vulnerability
Added: 30668 EMC Watch4Net and ViPR SRM Directory Traversal Vulnerability
Added: 23382 Microsoft Internet Explorer CVE-2015-0069 ASLR Security Bypass Vulnerability
Added: 23380 ManageEngine DeviceExpert CSRF Vulnerability
Added: 23381 Microsoft Internet Explorer CVE-2015-0053 Remote Memory Corruption Vulnerability
Added: 23379 Microsoft Internet Explorer CVE-2015-0051 ASLR Security Bypass Vulnerability

发布时间:2015-04-02 15:13:19
名称: eoi.unify.rulepatch.5.6.7.492.rule 版本:5.6.7.492
MD5:1efb9c7562f90111ccea6c2c67d43578 大小:11.38M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.492。

该升级包新增/改进的规则有:
新增: 23377 TWiki Debugenableplugins 远程代码执行
新增: 23375 Microsoft Internet Explorer CVE-2015-1634 远程代码执行内存破坏漏洞
新增: 23376 Microsoft Exchange Server CVE-2015-1632 跨站脚本漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23377 TWiki Debugenableplugins Remote Code Execution
Added: 23375 Microsoft Internet Explorer CVE-2015-1634 Remote Memory Corruption Vulnerability
Added: 23376 Microsoft Exchange Server CVE-2015-1632 Cross Site Scripting Vulnerability

发布时间:2015-03-26 15:56:27
名称: eoi.unify.rulepatch.5.6.7.491.rule 版本:5.6.7.491
MD5:111311ccd46f4516e59dba028d07706b 大小:11.28M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引

擎版本不变,规则版本变为5.6.7.491。

该升级包新增/改进的规则有:
新增: 23370 Microsoft Internet Explorer CVE-2015-1623(MS15-018) 释放后重利用远程代码执行内存破坏漏洞
新增: 23371 Microsoft Internet Explorer CVE-2015-1625(MS15-018) 越界数组访问远程代码执行内存破坏漏洞
新增: 23372 Microsoft Exchange Server XSS CVE-2015-1628(MS15-018)漏洞
新增: 23373 Microsoft Internet Explorer CVE-2015-1622 远程代码执行内存破坏漏洞
新增: 23374 Microsoft Internet Explorer CVE-2015-0100 Use After Free 远程代码执行漏洞
新增: 23365 Microsoft Internet Explorer CVE-2015-0032 远程代码执行内存破坏漏洞
新增: 23369 Microsoft Internet Explorer CVE-2015-0099 远程代码执行内存破坏漏洞
修改: 23345 Easy File Sharing Web Server 6.8 - 堆栈溢出漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After

upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23370 Microsoft Internet Explorer CVE-2015-1623(MS15-018) Use After Free Remote Code Execution Vulnerability
Added: 23371 Microsoft Internet Explorer CVE-2015-1625(MS15-018) out-of-bounds array access Remote Code Execution

Vulnerability
Added: 23372 Microsoft Exchange Server XSS CVE-2015-1628(MS15-018)Vulnerability
Added: 23373 Microsoft Internet Explorer CVE-2015-1622 Remote Memory Corruption Vulnerability
Added: 23374 Microsoft Internet Explorer CVE-2015-0100 Use After Free Remote Code Execution Vulnerability
Added: 23365 Microsoft Internet Explorer CVE-2015-0032 Remote Memory Corruption Vulnerability
Added: 23369 Microsoft Internet Explorer CVE-2015-0099 Remote Memory Corruption Vulnerability
Modified: 23345 Easy File Sharing Web Server 6.8 - Stack Buffer Overflow Vulnerability

发布时间:2015-03-19 14:53:42
名称: eoi.unify.rulepatch.5.6.7.490.rule 版本:5.6.7.490
MD5:d740e8ab445c5bf96cfd01b303682959 大小:11.18M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.490。
该升级包新增/改进的规则有:

修改: 23331 Microsoft Internet Explorer CVE-2015-0019 远程代码执行内存破坏漏洞
修改: 23332 HP 客户端自动化命令注入
修改: 50520 Novalite远程控制木马
修改: 40958 木马后门程序Chopper Webshell检测

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

Modified: 23331 Microsoft Internet Explorer CVE-2015-0019 Remote Memory Corruption Vulnerability
Modified: 23332 HP Client Automation Command Injection
Modified: 50520 Backdoor/Trojan Novalite Remote Control
Modified: 40958 Backdoor/Trojan Chopper Webshell Detection

发布时间:2015-03-12 17:31:32
名称: eoi.unify.rulepatch.5.6.7.489.rule 版本:5.6.7.489
MD5:694da0ffcef9fc8278abb33b5754ff7a 大小:11.16M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.489。

该升级包新增/改进的规则有:
新增: 10389 Net-SNMP GETBULK远程拒绝服务漏洞
新增: 23323 HP Data Protector 8.x远程代码执行
新增: 23324 ManageEngine NetFlow Analyzer 任意文件下载
新增: 23325 Microsoft Internet Explorer CVE-2015-0017 远程代码执行内存破坏漏洞
新增: 23327 Microsoft Internet Explorer CVE-2015-0018 远程代码执行内存破坏漏洞
新增: 23330 Microsoft Internet Explorer CVE-2014-8967 释放后重利用远程代码执行漏洞
新增: 23331 Microsoft Internet Explorer CVE-2015-0019 远程代码执行内存破坏漏洞
新增: 23332 HP 客户端自动化命令注入
新增: 50520 Novalite远程控制木马
修改: 40958 木马后门程序Chopper Webshell检测


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 10389 Net-SNMP GETBULK Remote Denial of Service Vulnerability
Added: 23323 HP Data Protector 8.x - Remote Command Execution
Added: 23324 ManageEngine NetFlow Analyzer Arbitrary File Download
Added: 23325 Microsoft Internet Explorer CVE-2015-0017 Remote Memory Corruption Vulnerability
Added: 23327 Microsoft Internet Explorer CVE-2015-0018 Remote Memory Corruption Vulnerability
Added: 23330 Microsoft Internet Explorer CVE-2014-8967 Use After Free Remote Code Execution Vulnerability
Added: 23331 Microsoft Internet Explorer CVE-2015-0019 Remote Memory Corruption Vulnerability
Added: 23332 HP Client Automation Command Injection
Added: 50520 Backdoor/Trojan Novalite Remote Control
Modified: 40958 Backdoor/Trojan Chopper Webshell Detection

发布时间:2015-03-05 14:02:27
名称: eoi.unify.rulepatch.5.6.7.488.rule 版本:5.6.7.488
MD5:6a41d9aa895f5b11c1bf88b51856d40a 大小:11.10M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.488。

该升级包新增/改进的规则有:
修改: 30571 JWPlayer远程跨站脚本执行漏洞
修改: 21281 Microsoft SharePoint跨站脚本执行漏洞(MS11-074)(CVE-2011-1893)


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 30571 JWPlayer Remote Cross-Site Scripting Vulnerability
Modified: 21281 Microsoft SharePoint Cross Site Scripting Vulnerability(MS11-074)(CVE-2011-1893)

发布时间:2015-02-26 16:46:41
名称: eoi.unify.rulepatch.5.6.7.487.rule 版本:5.6.7.487
MD5:e0ae09494cf95c4f2cc0ccf51b562128 大小:11.10M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.487。

该升级包新增/改进的规则有:
修改: 22501 Webmin /file/show.cgi远程命令执行漏洞
修改: 21750 HP OpenView Network Node Manager OpenView5.exe CGI缓冲区溢出漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 22501 Webmin / file / show.cgi Remote Command Execution Vulnerability
Modified: 21750 HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow Vulnerability

发布时间:2015-02-19 12:13:06
名称: eoi.unify.rulepatch.5.6.7.486.rule 版本:5.6.7.486
MD5:cc79992c8cf3a20ffedcb7f6d5a95109 大小:11.09M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.101上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.486。

该升级包新增/改进的规则有:

新增: 23320 Fritz!Box Webcm 未认证命令注入漏洞
新增: 23316 Novell ZENworks Configuration Management UploadServlet远程代码执行
新增: 23318 Pandora FMS 远程代码执行漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.101.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23320 Fritz!Box Webcm Unauthenticated Command Injection
Added: 23316 Novell ZENworks Configuration Management UploadServlet Remote Code Execution
Added: 23318 Pandora FMS Remote Code Execution

发布时间:2015-02-12 16:51:41
名称: eoi.unify.rulepatch.5.6.7.485.rule 版本:5.6.7.485
MD5:c2a934bdbbd98d690712dec7331920b6 大小:10.42M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.98上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.485。

该升级包新增/改进的规则有:
新增: 23312 AT-TFTP Server超长文件名远程缓冲区溢出漏洞
新增: 23314 Sambar 6 搜索结果缓冲区溢出
修改: 20708 SIPfoundry sipXtapi畸形CSeq字段处理远程缓冲区溢出攻击
修改: 21711 Roxio CinePlayer ActiveX Control缓冲区溢出漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.98.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23312 Allied Telesyn TFTP Server Long Filename Overflow
Added: 23314 Sambar 6 Search Results Buffer Overflow
Modified: 20708 SIPfoundry sipXtapi Malformed CSeq Field Handling Remote Buffer Overflow
Modified: 21711 Roxio CinePlayer ActiveX Control Buffer Overflow Vulnerability

发布时间:2015-02-05 15:29:24
名称: eoi.unify.rulepatch.5.6.7.484.rule 版本:5.6.7.484
MD5:5edd5c771089d2773eaa7b731b8f761b 大小:10.41M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.484。

该升级包新增/改进的规则有:
新增: 20935 MySQL yaSSL SSL Hello报文缓冲区溢出漏洞
新增: 21593 网络蠕虫Nimda TFTP请求Admin.dll
新增: 23303 ProjectSend 任意文件上传漏洞
新增: 23304 Pandora v3.1 - 验证绕过和任意文件上传漏洞
新增: 23305 WP Symposium <= 14.11 - 未认证 Shell 上传
新增: 23306 Lexmark MarkVision Enterprise 任意文件上传漏洞
新增: 23307 ASUS路由器固件ASUSWRT LAN后门命令执行漏洞
新增: 23308 ManageEngine的多个产品通过身份验证的文件上传
新增: 41194 CTB-Locker比特币敲诈者病毒恶意文件下载
新增: 23315 GNU glibc gethostbyname缓冲区溢出漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 20935 MySQL yaSSL SSL Hello Message Buffer Overflow
Added: 21593 Nimda Worm TFTP Request Admin.dll
Added: 23303 ProjectSend Arbitrary File Upload
Added: 23304 Pandora v3.1 - Auth Bypass and Arbitrary File Upload Vulnerability
Added: 23305 WP Symposium <= 14.11 - Unauthenticated Shell Upload
Added: 23306 Lexmark MarkVision Enterprise Arbitrary File Upload
Added: 23307 ASUSWRT LAN Backdoor Command Execution
Added: 23308 ManageEngine Multiple Products Authenticated File Upload
Added: 41194 CTB-Locker Bitcoin Backmail Virus Malicious File Downloading
Added: 23315 GNU glibc gethostbyname Buffer Overflow Vulnerability

发布时间:2015-01-28 21:08:13
名称: eoi.unify.rulepatch.5.6.7.482.rule 版本:5.6.7.482
MD5:800f8a3446392868a4bb385b23c2bdcd 大小:10.37M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.482。

该升级包新增/改进的规则有:
新增: 21961 Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution
新增: 23301 Numara / BMC Track-It! FileStorageService 任意文件上传漏洞
新增: 23298 FreePBX 跨站脚本执行和命令注入漏洞
新增: 23300 Sun Java Web Start 双引号注入
新增: 22851 OpenX 'flowplayer-3.1.1.min.js'后门漏洞
新增: 23296 Orbit Downloader Connecting日志消息栈溢出漏洞
新增: 23295 Support Incident Tracker (SiT!)输入验证漏洞



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级;

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 21961 Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution
Added: 23301 Numara / BMC Track-It! FileStorageService Arbitrary File Upload
Added: 23298 FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution
Added: 23300 Java Web Start Double Quote Injection Remote Code Execution
Added: 22851 OpenX Backdoor PHP Code Execution
Added: 23296 Orbit Downloader Connecting Log Creation Buffer Overflow
Added: 23295 Support Incident Tracker Arbitrary File Upload Vulnerability

发布时间:2015-01-22 14:29:46
名称: eoi.unify.rulepatch.5.6.7.481.rule 版本:5.6.7.481
MD5:98266361da4e0c64a363e86e026ce5b3 大小:10.36M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.481。

该升级包新增/改进的规则有:
新增: 22851 OpenX 'flowplayer-3.1.1.min.js'后门漏洞
新增: 23295 Support Incident Tracker (SiT!)输入验证漏洞
新增: 23296 Orbit Downloader Connecting日志消息栈溢出漏洞
新增: 23298 FreePBX 跨站脚本执行和命令注入漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 22851 OpenX Backdoor PHP Code Execution
Added: 23295 Support Incident Tracker Arbitrary File Upload Vulnerability
Added: 23296 Orbit Downloader Connecting Log Creation Buffer Overflow
Added: 23298 FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution

发布时间:2015-01-15 17:07:56
名称: eoi.unify.rulepatch.5.6.7.480.rule 版本:5.6.7.480
MD5:a88194b7a5a2efb640906532818b6db2 大小:10.34M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.480。

该升级包新增/改进的规则有:
新增: 23287 Java MixerSequencer对象GM_Song结构处理漏洞
新增: 23289 LifeSize Room远程命令注入漏洞
新增: 23290 Evological EvoCam HTTP GET请求远程溢出漏洞
新增: 10388 Apache Tomcat哈希碰撞拒绝服务漏洞
修改: 22802 Apache Tomcat mod_jk二进制代码执行攻击

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23287 Java MixerSequencer Object GM_Song Structure Handling Vulnerability
Added: 23289 LifeSize Room Command Injection
Added: 23290 MacOS X EvoCam HTTP GET Buffer Overflow
Added: 10388 Apache Tomcat Hash Collision Denial of Service Vulnerability
Modified: 22802 Apache Tomcat mod_jk Arbitrary Code Execution

发布时间:2015-01-08 14:53:55
名称: eoi.unify.rulepatch.5.6.7.479.rule 版本:5.6.7.479
MD5:347501349dad9cc0101e0b159bf35898 大小:10.26M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.479。

该升级包新增/改进的规则有:
新增: 23284 openSIS "modname" PHP 代码注入漏洞
新增: 23286 HP SiteScope多个远程代码执行漏洞
新增: 23283 vtiger CRM 'validateSession()' 身份验证绕过漏洞
新增: 23282 GitLab 'SSH key upload'功能远程代码执行漏洞
新增: 23280 RealNetworks RealPlayer QCP解析缓冲区溢出漏洞
新增: 23281 GitList远程代码执行漏洞
新增: 23279 VMTurbo Operations Manager '/cgi-bin/vmtadmin.cgi'远程命令执行漏洞
新增: 21948 DaqFactory HMI NETB请求缓冲区溢出漏洞
新增: 41189 DNS Flood 僵尸网络通讯
新增: 41190 Linux间谍木马 APT 图兰(Turla) 通信
新增: 23278 PhpWiki Ploticus模块命令注入漏洞



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine

will restart automatically .

List of added or modified signatures:
Added: 23284 OpenSIS 'modname' - PHP Code Execution
Added: 23286 HP SiteScope Remote Code Execution
Added: 23283 vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
Added: 23282 Gitlab-shell Code Execution
Added: 23280 RealNetworks RealPlayer QCP Parsing Buffer Overflow Vulnerability
Added: 23281 Gitlist Unauthenticated Remote Command Execution
Added: 23279 VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution
Added: 21948 DaqFactory HMI NETB Request Overflow
Added: 41189 DNS Flood BotNet Communication
Added: 41190 Linux Spyware Trojans APT (Turla) Communication
Added: 23278 PhpWiki - Remote Command Execution

发布时间:2015-01-01 14:48:42
名称: eoi.unify.rulepatch.5.6.7.478.rule 版本:5.6.7.478
MD5:5f735300b833b67e84a98d5ab183e706 大小:10.25M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.478。

该升级包新增/改进的规则有:
新增: 23274 Trend Micro Control Manager 'CmdProcessor.exe'远程代码执行漏洞
新增: 23275 Zabbix任意命令执行漏洞(CVE-2013-3628)
新增: 23276 Supermicro Onboard IPMI close_window.cgi缓冲区溢出漏洞
修改: 22488 Novell ZENworks Asset Management 7.5 配置存取漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23274 Trend Micro Control Manager 'CmdProcessor.exe' Remote Code Execution Vulnerability
Added: 23275 Zabbix Authenticated Remote Command Execution (CVE-2013-3628)
Added: 23276 Supermicro Onboard IPMI close_window.cgi Buffer Overflow
Modified: 22488 Novell ZENworks Asset Management 7.5 Configuration Access

发布时间:2014-12-25 15:54:41
名称: eoi.unify.rulepatch.5.6.7.477.rule 版本:5.6.7.477
MD5:58500947a8622644a133799f4c9e9598 大小:10.24M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引

擎版本不变,规则版本变为5.6.7.477。

该升级包新增/改进的规则有:
新增: 23259 GLPI install.php 远程命令执行漏洞
新增: 23260 Joomla Media Manager 文件上传漏洞
新增: 23261 Cisco Prime Data Center Network Manager 多个远程命令执行漏洞
新增: 23263 GroundWork monarch_scan.cgi OS命令注入漏洞
新增: 23265 Forum Livre busca2.asp palavra参数XSS跨站攻击漏洞
新增: 23268 Pandora FMS SQLi 远程代码执行
新增: 23269 Symantec Workspace Streaming任意文件上传漏洞
新增: 23270 Ericom AccessNow Server 'AccessServer32.exe'栈缓冲区溢出漏洞
新增: 23271 NAS4Free任意远程代码执行漏洞
新增: 23272 Apache Struts2开发模式命令执行漏洞
新增: 41186 Java JNLP自动安装运行应用程序

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After

upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23259 GLPI install.php Remote Command Execution
Added: 23260 Joomla Media Manager File Upload Vulnerability
Added: 23261 Cisco Prime Data Center Network Manager - Arbitrary File Upload
Added: 23263 GroundWork monarch_scan.cgi OS Command Injection
Added: 23265 Forum Livre busca2.asp palavra Parameter HTTP Post Cross Site Scripting
Added: 23268 GLPI install.php Remote Command Execution
Added: 23269 Symantec Workspace Streaming Arbitrary File Upload
Added: 23270 Ericom AccessNow Server Buffer Overflow
Added: 23271 NAS4Free - Arbitrary Remote Code Execution
Added: 23272 Apache Struts2 Development Mode Command Execution Vulnerability
Added: 41186 Java JNLP Automatically Install and Run Applications

发布时间:2014-12-18 17:44:52
名称: eoi.unify.rulepatch.5.6.7.476.rule 版本:5.6.7.476
MD5:07738ca9f17b24d1fe53fbb7b79459cc 大小:10.22M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.476。

该升级包新增/改进的规则有:
新增: 23255 Squash YAML代码执行漏洞
新增: 23221 BigAnt IM Server 任意文件上传漏洞
新增: 23222 ManageEngine Eventlog Analyzer任意文件上传漏洞
新增: 23220 多个Honeywell产品'HscRemoteDeploy.dll' Activex远程代码执行漏洞
新增: 23211 Firefox 5.0-15.0.1 __exposedProps__ XCS远程命令执行漏洞
新增: 41184 Oracle Event Processing FileUploadServlet Arbitrary 文件上传漏洞
新增: 23214 Quest InTrust 'AnnotateX.dll'未初始化指针代码执行漏洞
新增: 23212 育碧UPLAY ActiveX控件远程命令执行漏洞
新增: 21890 ASUS Net4Switch ipswcom.dll ActiveX缓冲区溢出漏洞



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23255 Squash YAML Code Execution
Added: 23221 BigAnt Server 2.97 - DUPF Command Arbitrary File Upload
Added: 23222 ManageEngine Eventlog Analyzer Arbitrary File Upload
Added: 23220 Honeywell HSC Remote Deployer ActiveX Code Execution Vulnerability
Added: 23211 Firefox 5.0-15.0.1 __exposedProps__ XCS Code Execution
Added: 41184 Oracle Event Processing FileUploadServlet Arbitrary File Upload
Added: 23214 Quest InTrust Annotation Objects Uninitialized Pointer
Added: 23212 Ubisoft UPLAY Active X Control Arbitrary Code Execution
Added: 21890 ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow

发布时间:2014-12-11 14:40:00
名称: eoi.unify.rulepatch.5.6.7.475.rule 版本:5.6.7.475
MD5:23078eedb688b2e833bae7bc2dd3fe51 大小:10.22M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.475。

该升级包新增/改进的规则有:
修改: 21856 Sun Java JRE getSoundbank file:// URI Buffer Overflow
新增: 22661 NetIQ eDirectory Novell NCP实现栈缓冲区溢出漏洞
新增: 23194 HP Intelligent Management Center UAM缓冲区溢出漏洞
新增: 23195 KeyHelp ActiveX LaunchTriPane远程命令执行漏洞
新增: 23196 Sun Java Web Start的插件命令行参数注入漏洞(2012)
新增: 23197 IBM Lotus产品UploadControl ActiveX缓冲区溢出漏洞
新增: 23198 IBM Lotus Notes客户端"notes" URI处理器漏洞
新增: 23203 MantisBT XmlImportExport Plugin PHP代码注入漏洞
新增: 23204 海康威视设备RTSP 请求缓冲区溢出代码执行漏洞
新增: 23205 Apple QuickTime MIME类型缓冲区溢出漏洞
新增: 30653 CA Arcserve D2D GWT RPC 凭证信息泄露


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 21856 Sun Java JRE getSoundbank file:// URI Buffer Overflow
Added: 22661 Novell eDirectory 8 Buffer Overflow
Added: 23194 HP Intelligent Management Center UAM Buffer Overflow
Added: 23195 KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability
Added: 23196 Sun Java Web Start Plugin Command Line Argument Injection (2012)
Added: 23197 IBM Lotus UploadControl ActiveX Buffer Overflow
Added: 23198 IBM Lotus Notes Client URL Handler Command Injection
Added: 23203 MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability
Added: 23204 Hikvision DVR RTSP Request Buffer Overflow Remote Code Execution
Added: 23205 Apple QuickTime MIME Type Buffer Overflow
Added: 30653 CA Arcserve D2D GWT RPC Credential Information Disclosure

发布时间:2014-12-04 15:54:53
名称: eoi.unify.rulepatch.5.6.7.474.rule 版本:5.6.7.474
MD5:13a7b4c9ce967f0b18171f0502279b98 大小:10.21M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引

擎版本不变,规则版本变为5.6.7.474。

该升级包新增/改进的规则有:
新增: 23179 贝尔金路由器0day溢出漏洞
新增: 23180 VICIDIAL 'manager_send.php'远程命令注入漏洞
新增: 23181 Apache Struts includeParams 远程代码执行
新增: 23182 Oracle WebCenter Content CheckOutAndOpen.dll ActiveX 远程代码执行漏洞
新增: 23183 ZoneMinder视频服务器packageControl远程命令执行漏洞
新增: 23184 Nagios 远程插件执行者任意命令执行漏洞
新增: 23186 Active Collab "chat module" PHP注入漏洞
新增: 23187 HP Data Protector 创建文件夹缓冲区溢出漏洞
新增: 23188 Sysax Multi Server Create Folder缓冲区溢出漏洞
新增: 23189 Ektron CMS 'XslCompiledTransform'类远程代码执行漏洞
新增: 23191 op5 Appliance system-op5config组件op5config/welcome密码参数远程命令执行漏洞
新增: 23192 HP StorageWorks Virtual SAN Appliance SAN/iQ远程命令注入漏洞
新增: 23193 Apache Struts 开发模式 OGNL 执行
新增: 41182 IBM Cognos tm1admsd.exe 溢出漏洞


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After

upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23179 Belkin Router 0day Overflow Vulnerability
Added: 23180 VICIDIAL 'manager_send.php' Command Injection Vulnerability
Added: 23181 Apache Struts includeParams Remote Code Execution
Added: 23182 Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
Added: 23183 ZoneMinder Video Server packageControl Command Execution
Added: 23184 Nagios Remote Plugin Executor Arbitrary Command Execution
Added: 23186 Active Collab "chat module" Remote PHP Code Injection Exploit
Added: 23187 HP Data Protector Create New Folder Buffer Overflow
Added: 23188 Sysax Multi Server Create Folder Buffer Overflow
Added: 23189 Ektron CMS XSLT Transform Remote Code Execution
Added: 23191 op5 Appliance system-op5config components op5config / welcome password parameters Remote Command Execution

Vulnerability
Added: 23192 HP StorageWorks Virtual SAN Appliance Command Execution
Added: 23193 Apache Struts Developer Mode OGNL Execution
Added: 41182 IBM Cognos tm1admsd.exe Overflow Vulnerability

发布时间:2014-11-27 15:56:53
名称: eoi.unify.rulepatch.5.6.7.473.rule 版本:5.6.7.473
MD5:8cd275cd70180be1401a5375f44c7e7c 大小:10.22M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.473。

该升级包新增/改进的规则有:
新增: 23156 Horde 框架反序化PHP代码执行漏洞
新增: 23162 Rocket Servergraph Admin Center fileRequestor远程代码执行漏洞
新增: 23171 JIRA Issues Collector目录遍历漏洞
新增: 23170 SkyBlueCanvas 'index.php'远程命令注入漏洞
新增: 23169 vtiger CRM安装脚本远程代码执行漏洞
新增: 23161 Visual Mining NetCharts Server 任意文件上传漏洞
新增: 23168 windows OLE 自动化数组远程代码执行漏洞
新增: 23165 F5 iControl远程命令注入漏洞
新增: 30652 IE URL属性信息泄露
新增: 23158 OWA信域绕过漏洞
新增: 23159 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-6347)
新增: 23163 横河电机株式会社CENTUM CS 3000 BKFSim_vhfd.exe 缓冲区溢出
修改: 30570 Microsoft远程桌面协议RDP远程代码执行漏洞扫描


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23156 Horde Framework Unserialize PHP Code Execution
Added: 23162 Rocket Servergraph Admin Center fileRequestor Remote Code Execution
Added: 23171 JIRA Issues Collector Directory Traversal
Added: 23170 SkyBlueCanvas 'index.php' Remote Code Execution
Added: 23169 Vtiger CRM Install Unauthenticated Remote Command Execution
Added: 23161 Visual Mining NetCharts Server Arbitrary File Upload Vulnerability
Added: 23168 Windows OLE Automation Array Remote Code Execution Vulnerability
Added: 23165 F5 iControl Remote Command Execution
Added: 30652 IE URL Property Information Disclosure
Added: 23158 Outlook Web Access trusted Domain bypass
Added: 23159 Microsoft Internet Explorer Remote Momery Corruption Vulnerabiliy(CVE-2014-6347)
Added: 23163 Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow
Modified: 30570 Microsoft Remote Desktop Protocol RDP remote code execution vulnerability scan

发布时间:2014-11-20 16:58:44
名称: eoi.unify.rulepatch.5.6.7.472.rule 版本:5.6.7.472
MD5:0752fe9168a7a5a9981205a443424973 大小:9.77M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.472。

该升级包新增/改进的规则有:
修改: 23144 ManageEngine OpManager / Social IT任意文件上传漏洞
修改: 23145 Wordpress InfusionSoft 插件上传漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 23144 ManageEngine OpManager / Social IT Arbitrary File Upload
Modified: 23145 Wordpress InfusionSoft Plugin Upload Vulnerability

发布时间:2014-11-13 17:12:05
名称: eoi.unify.rulepatch.5.6.7.471.rule 版本:5.6.7.471
MD5:a8069e2820a4f0b2a6aa1579327dfb7f 大小:9.95M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.471。

该升级包新增/改进的规则有:
新增: 23148 Joomla Akeeba Kickstart反序化远程代码执行漏洞
新增: 23153 tnftp ftp客户端任意命令执行漏洞(CVE-2014-8517)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23148 Joomla Akeeba Kickstart Unserialize Remote Code Execution
Added: 23153 tnftp ftp client arbitrary command execution vulnerability (CVE-2014-8517)

发布时间:2014-11-06 17:16:39
名称: eoi.unify.rulepatch.5.6.7.470.rule 版本:5.6.7.470
MD5:e0d51347de4cae891a5dcf16167d2acf 大小:9.77M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.93上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.470。

该升级包新增/改进的规则有:
新增: 23132 Railo 远程文件包含漏洞
新增: 23143 Rejetto HTTP File Server 'ParserLib.pas'远程命令执行漏洞
新增: 23144 ManageEngine OpManager / Social IT任意文件上传漏洞
新增: 23145 Wordpress InfusionSoft 插件上传漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.93.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23132 Railo Remote File Include Vulnerability
Added: 23143 Rejetto HttpFileServer 'ParserLib.pas' Remote Command Execution
Added: 23144 ManageEngine OpManager / Social IT Arbitrary File Upload
Added: 23145 Wordpress InfusionSoft Plugin Upload Vulnerability

发布时间:2014-10-30 16:32:38
名称: eoi.unify.rulepatch.5.6.7.469.rule 版本:5.6.7.469
MD5:f59d68cdb54ec2c05c87be5f11eb9217 大小:9.77M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.91上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.469。

该升级包新增/改进的规则有:
修改: 23056 Microsoft Internet Explorer 11释放后重利用漏洞(CVE-2014-1765)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 23056 Microsoft Internet Explorer 11 UAF Vulnerability(CVE-2014-1765)

发布时间:2014-10-23 15:34:35
名称: eoi.unify.rulepatch.5.6.7.468.rule 版本:5.6.7.468
MD5:01d25a57e633371d5dbe147872d56f14 大小:9.77M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.468。

该升级包新增/改进的规则有:
修改: 22796 Apache Struts远程代码执行漏洞(CVE-2013-2251)
修改: 30647 GNU Bash 环境变量远程命令执行漏洞(CVE-2014-6271)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 22796 Apache Struts Remote Code Execution(CVE-2013-2251)
Modified: 30647 GNU Bash Environment Variables Remote Command Execution (CVE-2014-6271)

发布时间:2014-10-16 17:31:27
名称: eoi.unify.rulepatch.5.6.7.467.rule 版本:5.6.7.467
MD5:0a5964202e81b2492cd680d3e3f30bd2 大小:9.77M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.467。

该升级包新增/改进的规则有:
新增: 23131 ManageEngine产品任意文件上传漏洞
新增: 23134 HP AutoPass许可证服务器文件上传漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23131 ManageEngine Desktop Central StatusUpdate Arbitrary File Upload
Added: 23134 HP AutoPass License Server File Upload

发布时间:2014-10-09 15:11:11
名称: eoi.unify.rulepatch.5.6.7.466.rule 版本:5.6.7.466
MD5:1bba6dd44b4be3626da16bde2d6487c6 大小:9.76M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.466。

该升级包新增/改进的规则有:
修改: 30647 GNU Bash 环境变量远程命令执行漏洞(CVE-2014-6271)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 30647 GNU Bash Environment Variables Remote Command Execution (CVE-2014-6271)

发布时间:2014-10-02 17:05:54
名称: eoi.unify.rulepatch.5.6.7.465.rule 版本:5.6.7.465
MD5:fdfb097c8db6271cb1fc36ff361179b2 大小:9.76M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.465。

该升级包新增/改进的规则有:
新增: 30647 GNU Bash 环境变量远程命令执行漏洞(CVE-2014-6271)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 30647 GNU Bash Environment Variables Remote Command Execution (CVE-2014-6271)

发布时间:2014-09-26 16:20:18
名称: eoi.unify.rulepatch.5.6.7.464.rule 版本:5.6.7.464
MD5:8717ffca6a0b2b82783629b850e50ae1 大小:9.76M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.464。

该升级包新增/改进的规则有:
新增: 23123 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4080)(MS14-052)
新增: 23124 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4081)(MS14-052)
新增: 23125 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4082)(MS14-052)
新增: 23126 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4084)(MS14-052)
新增: 23127 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4086)(MS14-052)
新增: 23128 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4088)(MS14-052)
新增: 23129 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4089)(MS14-052)
新增: 23130 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4092)(MS14-052)
注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23123 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4080)(MS14-052)
Added: 23124 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4081)(MS14-052)
Added: 23125 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4082)(MS14-052)
Added: 23126 Microsoft Internet Explorer Remote Corruption Vulnerability(CVE-2014-4084)(MS14-052)
Added: 23127 Microsoft Internet Explorer Remote Corruption Vulnerability(CVE-2014-4086)(MS14-052)
Added: 23128 Microsoft Internet Explorer Remote Corruption Vulnerability(CVE-2014-4088)(MS14-052)
Added: 23129 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4089)(MS14-052)
Added: 23130 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4092)(MS14-052)

发布时间:2014-09-25 15:35:53
名称: eoi.unify.rulepatch.5.6.7.463.rule 版本:5.6.7.463
MD5:ff60cc5f1972f16dd54e6a7edbb957a8 大小:10.19M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.463。

该升级包新增/改进的规则有:
新增: 23121 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-2799)(MS14-052)
新增: 23122 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-4065)(MS14-052)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23121 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-2799)(MS14-052)
Added: 23122 Microsoft Internet Explorer Remote Memory Corruption Vulnerability(CVE-2014-4065)(MS14-052)

发布时间:2014-09-18 17:21:37
名称: eoi.unify.rulepatch.5.6.7.462.rule 版本:5.6.7.462
MD5:546e4a9bdef14ce8dfe1b7994b2936de 大小:10.18M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.462。

该升级包新增/改进的规则有:
修改:21299 SelectElement远程代码执行漏洞
修改:20867 Novell Messenger Server 2.0 Accept-Language溢出漏洞

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 21299 SelectElement Remote Code Execution Vulnerability
Modified: 20867 Novell Messenger Server 2.0 Accept-Language Overflow

发布时间:2014-09-11 16:52:40
名称: eoi.unify.rulepatch.5.6.7.461.rule 版本:5.6.7.461
MD5:48fd394e310ec4213e3cc2a2d2dcb14e 大小:10.16M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.461。

该升级包新增/改进的规则有:
修改:41033 木马后门程序Black Hole通信

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 41033 Backdoor/Trojan Black Hole Communication

发布时间:2014-09-04 15:36:56
名称: eoi.unify.rulepatch.5.6.7.460.rule 版本:5.6.7.460
MD5:1332339440cb9d76788c679ae5bcfb5f 大小:10.13M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.460。

该升级包新增/改进的规则有:
新增: 23071 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-4050)(MS14-051)
新增: 23072 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-4063)(MS14-051)
新增: 23073 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-4057)(MS14-051)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23071 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2014-4050)(MS14-051)
Added: 23072 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2014-4063)(MS14-051)
Added: 23073 Microsoft Internet Explorer Memory corruption Vulnerability(CVE-2014-4057)(MS14-051)

发布时间:2014-08-28 18:12:19
名称: eoi.unify.rulepatch.5.6.7.459.rule 版本:5.6.7.459
MD5:f754bf6196fe0505c16db98d6cee79d7 大小:10.11M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.459。

该升级包新增/改进的规则有:
新增:23068 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-2820)(MS14-051)
新增:23069 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-2823)(MS14-051)
新增:23070 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-2824)(MS14-051)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Add: 23068 Microsoft Internet Explorer Memory Corruption vulnerability (CVE-2014-2820)(MS14-051)
Add: 23069 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-2823)(MS14-051)
Add: 23070 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-2824)(MS14-051)

发布时间:2014-08-21 16:39:46
名称: eoi.unify.rulepatch.5.6.7.458.rule 版本:5.6.7.458
MD5:4d727e0d5c6de830a345e1dbdc8a940a 大小:10.11M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.458。

该升级包新增/改进的规则有:
修改:70003 非默认端口上发现已知协议



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified:70003 Known Protocol on Non-default Port

发布时间:2014-08-14 18:03:02
名称: eoi.unify.rulepatch.5.6.7.457.rule 版本:5.6.7.457
MD5:4c9299592df177bf555266b681309373 大小:10.11M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.457。

该升级包新增/改进的规则有:
修改:22985 HP Storage Data 备份客户端服务远程代码执行



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified:22985 HP Data Protector Backup Client Service Remote Code Execution

发布时间:2014-08-07 18:31:01
名称: eoi.unify.rulepatch.5.6.7.456.rule 版本:5.6.7.456
MD5:f4dd1661366af7979e23b34a39f921a5 大小:10.10M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.456。

该升级包新增/改进的规则有:
修改:23048 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1785)(MS14-035)



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified:23048 Microsoft Internet Explorer Memory Corruption(CVE-2014-1785)(MS14-035)

发布时间:2014-07-31 14:45:57
名称: eoi.unify.rulepatch.5.6.7.455.rule 版本:5.6.7.455
MD5:f4d1c477189b7872d222694d62cdd2ca 大小:10.10M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.455。

该升级包新增/改进的规则有:
修改:50270 SMTP发邮件



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 50270 SMTP Send Mail

发布时间:2014-07-24 16:57:58
名称: eoi.unify.rulepatch.5.6.7.454.rule 版本:5.6.7.454
MD5:3740bab858ed9a01306cd86404be1a25 大小:10.10M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.454。

该升级包新增/改进的规则有:
新增:23056 Microsoft Internet Explorer 11释放后重利用漏洞(CVE-2014-1765)
新增:23058 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-2797)
新增:23060 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-2804)
新增:23061 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-2801)



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Add: 23056 Microsoft Internet Explorer 11 UAF Vulnerability(CVE-2014-1765)
Add: 23058 Microsoft Internet Explorer Memory Corruption(CVE-2014-2797)
Add: 23060 Microsoft Internet Explorer Memory Corruption(CVE-2014-2804)
Add: 23061 Microsoft Internet Explorer Memory Corruption(CVE-2014-2801)

发布时间:2014-07-17 19:11:29
名称: eoi.unify.rulepatch.5.6.7.453.rule 版本:5.6.7.453
MD5:a17cc13f559e404933afa4f6a55cf1cf 大小:10.10M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.453。

该升级包新增/改进的规则有:
修改:22796 Apache Struts远程代码执行漏洞(CVE-2013-2251)



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 22796 Apache Struts Remote Code Execution(CVE-2013-2251)

发布时间:2014-07-10 14:22:39
名称: eoi.unify.rulepatch.5.6.7.452.rule 版本:5.6.7.452
MD5:842852fe8b8ebf7b7194b2ebcc7d35ff 大小:10.10M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.85上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.452。

该升级包新增/改进的规则有:
新增:23055 DISCUZ 7系列faq.php SQL注入漏洞



注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.85.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added: 23055 DISCUZ 7 faq.php SQL Injection Vulnerability

发布时间:2014-07-04 11:02:00
名称: eoi.unify.rulepatch.5.6.7.450.rule 版本:5.6.7.450
MD5:c1f8748dab8bd59a960bfaa77a3072bb 大小:10.10M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.84上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.450。

该升级包新增/改进的规则有:
修改:41033 木马后门程序Black Hole通信


注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.84.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Modified: 41033 Backdoor/Trojan Black Hole Communication

发布时间:2014-06-26 15:25:06
名称: eoi.unify.rulepatch.5.6.7.449.rule 版本:5.6.7.449
MD5:7e6f3ef83281a95bcf47a2d7f94f06c2 大小:10.09M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.84上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.449。

该升级包新增/改进的规则有:
新增:23045 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1762)(MS14-035)
新增:23043 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1805)(MS14-035)
新增:23050 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1795)(MS14-035)
新增:23048 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1785)(MS14-035)
新增:23052 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1800)(MS14-035)
新增:23044 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-0282)(MS14-035)
新增:23046 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1766)(MS14-035)
新增:23047 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1772)(MS14-035)
新增:23051 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1797)(MS14-035)
新增:23049 Microsoft Internet Explorer远程内存破坏(CVE-2014-1791)
新增:23042 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1804)(MS14-035)
新增:23053 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1802)(MS14-035)
新增:23054 Microsoft Internet Explorer远程内存破坏漏洞(CVE-2014-1789)(MS14-035)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。


NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.84.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added:23045 Microsoft Internet Explorer Memory Corruption(CVE-2014-1762)(MS14-035)
Added:23043 Microsoft Internet Explorer Memory Corruption(CVE-2014-1805)(MS14-035)
Added:23050 Microsoft Internet Explorer Memory Corruption(CVE-2014-1795)(MS14-035)
Added:23048 Microsoft Internet Explorer Memory Corruption(CVE-2014-1785)(MS14-035)
Added:23052 Microsoft Internet Explorer Memory Corruption(CVE-2014-1800)(MS14-035)
Added:23044 Microsoft Internet Explorer Memory Corruption(CVE-2014-0282)(MS14-035)
Added:23046 Microsoft Internet Explorer Memory Corruption(CVE-2014-1766)(MS14-035)
Added:23047 Microsoft Internet Explorer Memory Corruption(CVE-2014-1772)(MS14-035)
Added:23051 Microsoft Internet Explorer Memory Corruption(CVE-2014-1797)(MS14-035)
Added:23049 Microsoft Internet Explorer Memory Corruption(CVE-2014-1791)
Added:23042 Microsoft Internet Explorer Memory Corruption(CVE-2014-1804)(MS14-035)
Added:23053 Microsoft Internet Explorer Memory Corruption(CVE-2014-1802)(MS14-035)
Added:23054 Microsoft Internet Explorer Memory Corruption(CVE-2014-1789)(MS14-035)

发布时间:2014-06-19 16:13:48
名称: eoi.unify.rulepatch.5.6.7.448.rule 版本:5.6.7.448
MD5:332bf55cf8bf26553e5409044245ba48 大小:10.28M
描述:

本升级包为入侵防护特征库升级包,仅支持在固件版本5.6.7.56/67,引擎版本5.6.7.84上升级。升级包为全量升级包。升级后固件版本和引擎版本不变,规则版本变为5.6.7.448。

该升级包新增/改进的规则有:
添加:23031 OpenSSL DTLS无效片段漏洞 (CVE-2014-0195)

注意事项:
1. 该升级包升级后引擎自动重启生效,不会造成会话中断,但ping包会丢3~5个,请选择合适的时间升级。

NSFOCUS NIDS/NIPS product signature upgrade package, depends on engine v5.6.7.84.This is a total upgrade package. After upgrade package is imported,engine will restart automatically .

List of added or modified signatures:
Added:23031 OpenSSL DTLS Invaild Fragment Vulnerability (CVE-2014-0195)

发布时间:2014-06-13 09:27:41
名称: eoi.unify.rulepatch.5.6.7.446.rule 版本:5.6.7.446
MD5:72132821fd3c02a21aad3bfb890ea2e3 大小:10.20M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。

规则新增或更新列表:

修改:22264 Apache Struts2 XWork绕过安全限制执行任意命令攻击

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:

modified: 22264 Apache Struts2 XWork Bypass Security Restrictions To Execute Arbitrary Commands Attack

发布时间:2014-06-05 16:49:48
名称: eoi.unify.rulepatch.5.6.7.445.rule 版本:5.6.7.445
MD5:e5a78a1e05684801aca6b30e3987be57 大小:10.02M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。

规则新增或更新列表:

新增:23010 ELASTICSEARCH远程代码执行漏洞
修改:29002 Web服务远程跨站脚本执行攻击

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:

Added:23010 ELASTICSEARCH Remote Code Execution Vulnerability
Modified:29002 Web Service Remote Cross-Site Scripting

发布时间:2014-05-29 16:17:06
名称: eoi.unify.rulepatch.5.6.7.444.rule 版本:5.6.7.444
MD5:bd2d9bfedb0533ebfb75df4329c4ecbe 大小:10.01M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。

规则新增或更新列表:

新增: 23007 Microsoft SharePoint跨站脚本漏洞(CVE-2014-1754)(MS14-022)
新增: 23006 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0310)(MS14-029)
新增: 23008 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1815)(MS14-029)


NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:

Added: 23007 Microsoft SharePoint XSS(CVE-2014-1754)(MS14-022)
Added: 23006 Microsoft Internet Explorer Memory Corruption(CVE-2014-0310)(MS14-029)
Added: 23008 Microsoft Internet Explorer Memory Corruption(CVE-2014-1815)(MS14-029)

发布时间:2014-05-22 15:27:22
名称: eoi.unify.rulepatch.5.6.7.443.rule 版本:5.6.7.443
MD5:1a3681559d1d2285fd72b23ac86f70f5 大小:10.01M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。

规则新增或更新列表:

新增: 23005 POP3S 服务暴力猜测用户口令
修改: 23004 Microsoft Internet Explorer远程代码执行漏洞(CVE-2014-1776)
修改: 20986 Microsoft IIS 6.0 WebDAV远程绕过认证攻击

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:

Added: 23005 POP3S Service User Password Brute Forcce
Modified: 23004 Microsoft Internet Explorer Remote Code Execution 0day(CVE-2014-1776)
Modified: 20986 Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Attack

发布时间:2014-05-15 17:40:39
名称: eoi.unify.rulepatch.5.6.7.442.rule 版本:5.6.7.442
MD5:ffd94802eb8c32cfbd924590e49c827d 大小:9.96M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。

规则新增或更新列表:

修改: 40402 Web服务访问/etc/passwd文件
修改: 51340 JBoss企业应用平台非授权访问漏洞

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:

Modified: 40402 Access to File /etc/passwd via Web Service
Modified: 51340 JBoss Enterprise Application Platform Unauthorized Access Vulnerability

发布时间:2014-05-08 15:22:28
名称: eoi.unify.rulepatch.5.6.7.441.rule 版本:5.6.7.441
MD5:054b96431945f2810561948c76fc3b7e 大小:10.14M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。

规则新增或更新列表:

新增: 23004 Microsoft Internet Explorer远程代码执行0day漏洞(CVE-2014-1776)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:

added: 23004 Microsoft Internet Explorer Remote Code Execution 0day(CVE-2014-1776)

发布时间:2014-04-28 17:49:30
名称: eoi.unify.rulepatch.5.6.7.439.rule 版本:5.6.7.439
MD5:705e5429c8d245486d320ee6bbcee68a 大小:10.13M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。


规则新增或更新列表:

新增: 23002 Apache Struts2 (CVE-2014-0094)(S2-020)漏洞修补绕过

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.79.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:

added: 23002 Apache Struts2 (CVE-2014-0094)(S2-020) Vulnerability Repair Bypass

发布时间:2014-04-24 18:20:35
名称: eoi.unify.rulepatch.5.6.7.437.rule 版本:5.6.7.437
MD5:dd6de84f8492dad6fe58dfaa211377fe 大小:9.95M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22998 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1751) (MS14-018)
新增: 22999 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1752) (MS14-018)
新增: 23000 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1753) (MS14-018)
新增: 23001 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1755) (MS14-018)
新增: 30633 OpenSSL TLS心跳扩展协议包远程信息泄露漏洞 (CVE-2014-0160)
修改: 50102 即时通信工具QQ访问游戏平台通信


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.79,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22998 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1751) (MS14-018)
新增: 22999 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1752) (MS14-018)
新增: 23000 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1753) (MS14-018)
新增: 23001 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-1755) (MS14-018)
新增: 30633 OpenSSL TLS心跳扩展协议包远程信息泄露漏洞 (CVE-2014-0160)
修改: 50102 即时通信工具QQ访问游戏平台通信

发布时间:2014-04-17 15:23:12
名称: eoi.unify.rulepatch.5.6.7.436.rule 版本:5.6.7.436
MD5:9d5bb4144f52e83f0b8071b6437ffa07 大小:10.15M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 30633 OpenSSL远程信息泄漏(CVE-2014-0160)
修改: 50043 POP3服务用户登录认证成功

NSFOCUS NIDS/NIPS product signature update package, depends on engin 5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 30633 OpenSSL Remote Information Disclosure(CVE-2014-0160)
Modified: 50043 POP3 Service User Login Authentication Success

发布时间:2014-04-09 09:34:44
名称: eoi.unify.rulepatch.5.6.7.434.rule 版本:5.6.7.434
MD5:f591dc0cb13c97fea9c32e405b205d1a 大小:9.92M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22996 SolidWorks Workgroup PDM 2014 pdmwService.exe任意文件写入
新增: 22997 多个Generel Electric产品'gefebt.exe' Shell上传漏洞
新增: 22994 kloxo sql 注入及远程代码执行
新增: 22995 Symantec Endpoint Protection Manager 远程代码执行
新增: 22993 Microsoft Word RTF文件解析错误代码执行漏洞(CVE-2014-1761)
新增: 22991 MantisBT管理 SQL注入任意文件读取
修改: 29001 Web服务远程SQL注入攻击可疑行为
修改: 50074 即时通信工具ICQ用户登录

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22996 SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write
Added: 22997 Multiple Generel Electric products'gefebt.exe'Shell upload vulnerability
Added: 22994 Kloxo SQL Injection and Remote Code Execution
Added: 22995 Symantec Endpoint Protection Manager Remote Command Execution
Added: 22993 Microsoft Word RTF File Parase Error Code Execution(CVE-2014-1761)
Added: 22991 MantisBT Admin SQL Injection Arbitrary File Read
Modified: 29001 Web Service Remote SQL Injection Suspicious Behavior
Modified: 50074 Instant Messaging Tool ICQ User Login

发布时间:2014-04-03 18:17:29
名称: eoi.unify.rulepatch.5.6.7.433.rule 版本:5.6.7.433
MD5:3e696c9cd4084aa6c3eef0fafe9eaeb4 大小:10.13M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22985 HP Storage Data 备份客户端服务远程代码执行(CVE-2013-2347)
新增: 10366 APACHE COMMONS FILEUPLOAD组件DOS漏洞(CVE-2014-0050)
新增: 22993 Microsoft Word RTF文件解析错误代码执行漏洞(CVE-2014-1761)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 22985 HP Data Protector Backup Client Service Remote Code Execution(CVE-2013-2347)
Added: 10366 APACHE COMMONS FILEUPLOAD Module DOS Vulnerability(CVE-2014-0050)
Added: 22993 Microsoft Word RTF File Parase Error Code Execution(CVE-2014-1761)

发布时间:2014-03-26 17:22:53
名称: eoi.unify.rulepatch.5.6.7.431.rule 版本:5.6.7.431
MD5:ed401da59b7897ec51c010929eb7af69 大小:10.17M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 30571 JWPlayer远程跨站脚本执行漏洞

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Modified: 30571 JWPlayer Remote Cross-Site Scripting Vulnerability

发布时间:2014-03-20 17:19:36
名称: eoi.unify.rulepatch.5.6.7.430.rule 版本:5.6.7.430
MD5:b269fa309729c0de9a7f3fa550e49c6d 大小:10.17M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22968 DEDECMS /INCLUDE/UPLOADSAFE.PHP SQL注入漏洞
新增: 22969 DEDECMS BUY_ACTION.PHP文件SQL注入漏洞(S2-017)
新增: 22970 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0305)(MS14-012)
新增: 22971 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0313)(MS14-012)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 22968 DEDECMS /INCLUDE/UPLOADSAFE.PHP SQL Injection Vulnerability
Added: 22969 DEDECMS BUY_ACTION.PHP File SQL Injection Vulnerability(S2-017)
Added: 22970 Microsoft Internet Explorer Memory Corruption(CVE-2014-0305)(MS14-012)
Added: 22971 Microsoft Internet Explorer Memory Corruption(CVE-2014-0313)(MS14-012)

发布时间:2014-03-13 19:13:08
名称: eoi.unify.rulepatch.5.6.7.429.rule 版本:5.6.7.429
MD5:2239029f2d2932f6e7f8bebf388719be 大小:10.14M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22966 Oracle Forms/Reports预验证口令泄露漏洞
新增: 22967 Linksys多款路由器tmUnblock.cgi ttcp_ip参数远程命令执行漏洞

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 22966 Oracle Forms/Reports Credentials Disclosure Vulnerability
Added: 22967 Linksys router tmUnblock.cgi ttcp_ip variety of parameters Remote Command Execution Vulnerability

发布时间:2014-03-07 17:19:21
名称: eoi.unify.rulepatch.5.6.7.428.rule 版本:5.6.7.428
MD5:9be166f675c42bf97889d74436a704b3 大小:10.15M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 22871 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3873)(MS13-080)
修改: 22877 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3886)(MS13-080)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 22871 Microsoft Internet Explorer Memory Corruption (CVE-2013-3873)(MS13-080)
Modified: 22877 Microsoft Internet Explorer Memory Corruption (CVE-2013-3886)(MS13-080)

发布时间:2014-02-27 17:29:18
名称: eoi.unify.rulepatch.5.6.7.427.rule 版本:5.6.7.427
MD5:8eb72664addd0e3f16083d1cd2ae995d 大小:10.15M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增:22946 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0277)(MS14-010)
新增:22947 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0290)(MS14-010)
新增:22948 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0274)(MS14-010)
新增:22949 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0275)(MS14-010)
新增:22951 Microsoft VBScript 远程代码执行漏洞(CVE-2014-0271)(MS14-010)
新增:22952 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0276)(MS14-010)
新增:22954 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0273)(MS14-010)
新增:22955 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0283)(MS14-010)
新增:22956 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0284)(MS14-010)
新增:22957 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0285)(MS14-010)
新增:22958 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0287)(MS14-010)
新增:22959 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0288)(MS14-010)
新增:22960 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0289)(MS14-010)
新增:22961 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0286)(MS14-010)
新增:22962 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0278)(MS14-010)
新增:22963 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0279)(MS14-010)
新增:22964 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0281)(MS14-010)
新增:22965 Microsoft Internet Explorer内存破坏漏洞(CVE-2014-0322)
新增:30630 Microsoft XML Core Services信息泄露漏洞(CVE-2014-0266)(MS14-005)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
added:22946 Microsoft Internet Explorer Memory Corruption(CVE-2014-0277)(MS14-010)
added:22947 Microsoft Internet Explorer Memory Corruption(CVE-2014-0290)(MS14-010)
added:22948 Microsoft Internet Explorer Memory Corruption(CVE-2014-0274)(MS14-010)
added:22949 Microsoft Internet Explorer Memory Corruption(CVE-2014-0275)(MS14-010)
added:22951 Microsoft VBScript Remote Code Execution(CVE-2014-0271)(MS14-010)
added:22952 Microsoft Internet Explorer Memory Corruption(CVE-2014-0276)(MS14-010)
added:22954 Microsoft Internet Explorer Memory Corruption(CVE-2014-0273)(MS14-010)
added:22955 Microsoft Internet Explorer Memory Corruption(CVE-2014-0283)(MS14-010)
added:22956 Microsoft Internet Explorer Memory Corruption(CVE-2014-0284)(MS14-010)
added:22957 Microsoft Internet Explorer Memory Corruption(CVE-2014-0285)(MS14-010)
added:22958 Microsoft Internet Explorer Memory Corruption(CVE-2014-0287)(MS14-010)
added:22959 Microsoft Internet Explorer Memory Corruption(CVE-2014-0288)(MS14-010)
added:22960 Microsoft Internet Explorer Memory Corruption(CVE-2014-0289)(MS14-010)
added:22961 Microsoft Internet Explorer Memory Corruption(CVE-2014-0286)(MS14-010)
added:22962 Microsoft Internet Explorer Memory Corruption(CVE-2014-0278)(MS14-010)
added:22963 Microsoft Internet Explorer Memory Corruption(CVE-2014-0279)(MS14-010)
added:22964 Microsoft Internet Explorer Memory Corruption(CVE-2014-0281)(MS14-010)
added:22965 Microsoft Internet Explorer Memory Corruption(CVE-2014-0322)
added:30630 Microsoft XML Core Services Information Disclosure(CVE-2014-0266)(MS14-005)

发布时间:2014-02-17 18:32:09
名称: eoi.unify.rulepatch.5.6.7.426.rule 版本:5.6.7.426
MD5:4317247be258354aa8f1d6c0f958ca87 大小:9.96M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 22328 Intersil (Boa) HTTPd基本认证密码重置漏洞

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 22328 Intersil (Boa) HTTPd Basic Authentication Password Reset Vulnerability

发布时间:2014-02-13 16:52:06
名称: eoi.unify.rulepatch.5.6.7.425.rule 版本:5.6.7.425
MD5:9468ac0fd192720bb50015b908f3357a 大小:9.97M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22942 IBM Forms Viewer Unicode缓冲区溢出

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22942 IBM Forms Viewer Unicode Buffer Overflow

发布时间:2014-02-06 21:13:15
名称: eoi.unify.rulepatch.5.6.7.424.rule 版本:5.6.7.424
MD5:f8e1e9e9735db5255d8a10fff2871476 大小:9.97M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22943 vTiger CRM SOAP AddEmailAttachment二进制文件上传

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22943 vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload

发布时间:2014-01-30 12:06:33
名称: eoi.unify.rulepatch.5.6.7.423.rule 版本:5.6.7.423
MD5:2da2247f51360bfea438bc23b10069cd 大小:9.97M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22945 IcoFX栈缓冲区溢出

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22945 IcoFX Stack Buffer Overflow

发布时间:2014-01-23 17:56:15
名称: eoi.unify.rulepatch.5.6.7.422.rule 版本:5.6.7.422
MD5:a98fbe011ae797be27d057fdabaaf04a 大小:10.13M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 22525 Microsoft MPEG Layer-3 Audio Stack Based溢出漏洞

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 22525 Microsoft MPEG Layer-3 Audio Stack Based Overflow Vulnerability

发布时间:2014-01-16 17:15:18
名称: eoi.unify.rulepatch.5.6.7.421.rule 版本:5.6.7.421
MD5:b4e1133ae0022a32cc3f5405ecb07ee7 大小:10.13M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 50083 Windows系统远程管理工具终端服务用户登录

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 50083 Windows Remote Management Tool Terminal Service User Login

发布时间:2014-01-09 17:20:02
名称: eoi.unify.rulepatch.5.6.7.420.rule 版本:5.6.7.420
MD5:1a0e2e6e9aebd21234949e7ae596e119 大小:10.12M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:

修改: 20802 IMAP服务器SUBSCRIBE命令超长参数远程缓冲区溢出攻击

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:

Modified: 20802 IMAP Server SUBSCRIBE Command Over-Long Parameter Remote Buffer Overflow

发布时间:2014-01-02 17:59:58
名称: eoi.unify.rulepatch.5.6.7.419.rule 版本:5.6.7.419
MD5:734f4fb50d51c3378ad6b7da0eb32110 大小:7.78M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22937 木马后门程序Alman Dropper通信
新增: 22931 Oracle Application Server BPEL Module跨站脚本攻击
新增: 22932 Microsoft Windows远程安装服务远程任意指令执行漏洞
新增: 22936 JBoss企业应用平台非授权访问漏洞
新增: 22616 Symantec Messaging Gateway任意文件下载漏洞
修改: 50099 网络游戏平台中国游戏中心登录

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22937 Trojan backdoor Alman Dropper communication
Added: 22931 HTTP:Oracle Application Server BPEL Module Cross Site Scripting
Added: 22932 Microsoft Windows远程安装服务远程任意指令执行漏洞
Added: 22936 JBoss Enterprise Application Platform Unauthorized Access Vulnerability
Added: 22616 Symantec Messaging Gateway Arbitrary Files Download Loopholes
Modified: 50099 Online Game Platform "chinagames.net" Login

发布时间:2013-12-26 17:11:36
名称: eoi.unify.rulepatch.5.6.7.418.rule 版本:5.6.7.418
MD5:424f8125b4b99fed488deca798528f6d 大小:10.01M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22928 Microsoft Scripting Runtime Object Library释放后重利用漏洞(CVE-2013-5056)(MS13-099)
新增: 22927 Internet Explorer内存破坏漏洞(CVE-2013-5049)(MS13-097)
新增: 22926 Internet Explorer内存破坏漏洞(CVE-2013-5051)(MS13-097)
新增: 22925 Internet Explorer内存破坏漏洞(CVE-2013-5048)(MS13-097)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22928 Microsoft Scripting Runtime Object Library Use After Free (CVE-2013-5056)(MS13-099)
Added: 22927 Internet Explorer Memory Corruption (CVE-2013-5049)(MS13-097)
Added: 22926 Internet Explorer Memory Corruption(CVE-2013-5051)(MS13-097)
Added: 22925 Internet Explorer Memory Corruption (CVE-2013-5048)(MS13-097)

发布时间:2013-12-19 15:53:14
名称: eoi.unify.rulepatch.5.6.7.417.rule 版本:5.6.7.417
MD5:ed853fdb611e2bcdd09f6fa1ab55a9f3 大小:9.73M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.78,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22918 Beetel Connection Manager NetConfig.ini缓冲区溢出
新增: 22916 DesktopCentral AgentLogUpload二进制文件上传
新增: 22917 ProcessMaker开源代码认证PHP代码执行
新增: 22919 Moodle远程命令执行
新增: 22920 EMC Replication Manager远程命令执行漏洞
新增: 22685 EMC AlphaStor DCP缓冲区溢出漏洞

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.78.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22918 Beetel Connection Manager NetConfig.ini Buffer Overflow
Added: 22916 DesktopCentral AgentLogUpload Arbitrary File Upload
Added: 22917 ProcessMaker Open Source Authenticated PHP Code Execution
Added: 22919 Moodle Remote Command Execution
Added: 22920 EMC Replication Manager Command Execution
Added: 22685 EMC AlphaStor DCP Buffer overflow

发布时间:2013-12-12 18:01:51
名称: eoi.unify.rulepatch.5.6.7.416.rule 版本:5.6.7.416
MD5:43192730fafb1af1b750d7bd5be41eab 大小:9.69M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 22353 Citect SCADA ODBC服务器远程栈溢出漏洞

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 22353 Citect SCADA ODBC Server Remote Stack Overflow Vulnerability Vulnerability

发布时间:2013-12-05 17:18:37
名称: eoi.unify.rulepatch.5.6.7.415.rule 版本:5.6.7.415
MD5:b1c679d98b5713ab9ff869633d3eff11 大小:9.69M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:

添加: 22915 Microsoft Windows Kernel权限提升漏洞利用攻击(CVE-2013-5065)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:

Added: 22915 Microsoft Windows Kernel Elevated Privileges Exploit (CVE-2013-5065)

发布时间:2013-11-29 09:36:06
名称: eoi.unify.rulepatch.5.6.7.414.rule 版本:5.6.7.414
MD5:f3965b24d07cbdae1e638acf2f96e507 大小:10.14M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:

修改: 22918 Microsoft IE信息泄露漏洞(CVE-2013-3908)(MS13-088)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:

Modified: 22918 Microsoft IE Information Disclosure (CVE-2013-3908)(MS13-088)

发布时间:2013-11-28 15:14:42
名称: eoi.unify.rulepatch.5.6.7.413.rule 版本:5.6.7.413
MD5:020a6f1e2ac504376fba094810f7cba8 大小:9.96M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:

新增:22909 Microsoft IE ActiveX控件远程代码执行漏洞(CVE-2013-3918)
修改:41019 Hop-by-Hop Options Header 检测

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:

Added: 22909 Microsoft IE ActiveX Control Remote Code Execution(CVE-2013-3918)
Modified: 41019 Hop-by-Hop Options Header Check

发布时间:2013-11-21 18:25:13
名称: eoi.unify.rulepatch.5.6.7.412.rule 版本:5.6.7.412
MD5:e2ef416c1389457c84f9e90d2dc66387 大小:9.96M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22911 Microsoft IE内存破坏漏洞(CVE-2013-3911)(MS13-088)
新增: 22915 Microsoft IE内存破坏漏洞(CVE-2013-3914)(MS13-088)
新增: 22917 Microsoft IE内存破坏漏洞(CVE-2013-3917)(MS13-088)
新增: 22914 Microsoft IE内存破坏漏洞(CVE-2013-3910)(MS13-088)
新增: 22916 Microsoft IE内存破坏漏洞(CVE-2013-3915)(MS13-088)
新增: 22912 Microsoft IE内存破坏漏洞(CVE-2013-3912)(MS13-088)
新增: 22918 Microsoft IE信息泄露漏洞(CVE-2013-3908)(MS13-088)
新增: 22909 Microsoft IE ActiveX控件远程代码执行漏洞(CVE-2013-3918)
新增: 10363 ACK-Flood拒绝服务攻击
新增: 22910 Microsoft IE内存破坏漏洞(CVE-2013-3916)(MS13-088)
新增: 22902 OpenMediaVault Cron远程命令执行
新增: 22904 vTigerCRM v5.4.0/v5.3.0认证远程代码执行
新增: 22900 Open Flash Chart v2任意文件上传
新增: 22907 WebTester 5.x命令执行
新增: 22908 Microsoft Graphics组件远程代码执行漏洞(CVE-2013-3906)


NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22911 Microsoft IE Memory Corruption(CVE-2013-3911)(MS13-088)
Added: 22915 Microsoft IE Memory Corruption(CVE-2013-3914)(MS13-088)
Added: 22917 Microsoft IE Memory Corruption(CVE-2013-3917)(MS13-088)
Added: 22914 Microsoft IE Memory Corruption(CVE-2013-3910)(MS13-088)
Added: 22916 Microsoft IE Memory Corruption(CVE-2013-3915)(MS13-088)
Added: 22912 Microsoft IE Memory Corruption(CVE-2013-3912)(MS13-088)
Added: 22918 Microsoft IE Information Disclosure (CVE-2013-3908)(MS13-088)
Added: 22909 Microsoft IE ActiveX Control Remote Code Execution(CVE-2013-3918)
Added: 10363 ACK-Flood Denial of Service Attacks
Added: 22910 Microsoft IE Memory Corruption(CVE-2013-3916)(MS13-088)
Added: 22902 OpenMediaVault Cron Remote Command Execution
Added: 22904 vTigerCRM v5.4.0\v5.3.0 Authenticated Remote Code Execution
Added: 22900 Open Flash Chart v2 Arbitrary File Upload
Added: 22907 WebTester 5.x Command Execution
Added: 22908 Microsoft Graphics Component Could Allow Remote Code Execution(CVE-2013-3906)

发布时间:2013-11-13 18:02:47
名称: eoi.unify.rulepatch.5.6.7.410.rule 版本:5.6.7.410
MD5:b66f8b7ed490e7061fde795073aa3c97 大小:9.77M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22908 Microsoft Graphics组件远程代码执行漏洞(CVE-2013-3906)
新增: 41071 木马后门程序DarkComet通信
新增: 22894 OpenEMR 4.1.1 Patch 14 SQL注入权限提升和远程代码执行
新增: 22249 PHP-CGI远程源码泄露和任意代码执行漏洞


NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22908 Microsoft Graphics Component Could Allow Remote Code Execution(CVE-2013-3906)
Added: 41071 Trojan backdoor DarkComet communication
Added: 22894 OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
Added: 22249 PHP-CGI Remote Source Disclosure And Arbitrary Code Execution Vulnerability

发布时间:2013-11-07 15:46:34
名称: eoi.unify.rulepatch.5.6.7.409.rule 版本:5.6.7.409
MD5:2e5a0c5425dee271749544d2d32a8574 大小:9.76M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22894 OpenEMR 4.1.1 Patch 14 SQL注入权限提升和远程代码执行
新增: 22896 Astium远程命令执行
新增: 22895 D-Link设备UPnP SOAP Telnetd命令执行
新增: 30627 vBulletin管理员账户创建
新增: 22893 Raidsonic NAS设备未经认证远程命令执行
新增: 22897 ClipBucket远程命令执行
新增: 22892 Zabbix 2.0.8 SQL注入和远程代码执行
修改: 22249 PHP-CGI远程源码泄露和任意代码执行漏洞


NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22894 OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
Added: 22896 Astium Remote Code Execution
Added: 22895 D-Link Devices UPnP SOAP Telnetd Command Execution
Added: 30627 vBulletin Administrator Account Creation
Added: 22893 Raidsonic NAS Devices Unauthenticated Remote Command Execution
Added: 22897 ClipBucket Remote Code Execution
Added: 22892 Zabbix 2.0.8 SQL Injection and Remote Code Execution
Modified: 22249 PHP-CGI Remote Source Disclosure And Arbitrary Code Execution Vulnerability

发布时间:2013-11-07 15:46:39
名称: eoi.unify.rulepatch.5.6.7.408.rule 版本:5.6.7.408
MD5:f1817340fe0d40932ffe277069e82a89 大小:9.80M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增:22886 Western Digital Arkeia远程代码执行
新增:22891 ZeroShell远程代码执行
新增:22890 D-Link路由器User-Agent后门漏洞
修改: 22621 Oracle Java 7 JmxMBeanServer类远程代码执行漏洞
修改: 20972 Windows Server服务RPC请求缓冲区溢出攻击(MS08-067)
修改: 20845 HTTP协议URL字段超长缓冲区溢出攻击

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Add: 22886 Western Digital Arkeia Remote Code Execution
Add: 22891 ZeroShell Remote Code Execution
Add: 22890 D-Link Router User-Agent Backdoor Vulnerability
Modified: 22621 Oracle Java 7 JmxMBeanServer Remote Code Execution
Modified: 20972 Microsoft Windows Server Service RPC Handling Remote Code Execution Attack(MS08-067)
Modified: 20845 HTTP Protocol Over-Long URL Field Buffer Overflow

发布时间:2013-10-31 14:12:01
名称: eoi.unify.rulepatch.5.6.7.407.rule 版本:5.6.7.407
MD5:e8d6436f70f23311a913023f3e5a4f4a 大小:9.99M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22880 Nodejs js-yaml load()代码执行
新增: 22882 Linksys WRT110远程命令执行
新增: 22883 GestioIP远程命令执行
修改: 50099 网络游戏平台中国游戏中心登录





NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22880 Nodejs js-yaml load() Code Execution
Added: 22882 Linksys WRT110 Remote Command Execution
Added: 22883 GestioIP Remote Command Execution
Modified: 50099 Online Game Platform "chinagames.net" Login

发布时间:2013-10-24 19:16:03
名称: eoi.unify.rulepatch.5.6.7.406.rule 版本:5.6.7.406
MD5:694f3d7d7aa96d5460834a3508425632 大小:9.99M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22872 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3885)(MS13-080)
新增: 22873 Microsoft SharePoint单击劫持漏洞(CVE-2013-3895)(MS13-084)
新增: 22875 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3897)(MS13-080)
新增: 22878 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3874)(MS13-080)
新增: 22876 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3871)(MS13-080)
新增: 22877 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3886)(MS13-080)
新增: 22870 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3875)(MS13-080)
新增: 22871 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3873)(MS13-080)
修改: 29002 Web服务远程跨站脚本执行攻击

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22872 Microsoft Internet Explorer Memory Corruption (CVE-2013-3885)(MS13-080)
Added: 22873 Microsoft SharePoint Click Hijack Vulneribilty (CVE-2013-3895)(MS13-084)
Added: 22875 Microsoft Internet Explorer Memory Corruption (CVE-2013-3897)(MS13-080)
Added: 22878 Microsoft Internet Explorer Memory Corruption (CVE-2013-3874)(MS13-080)
Added: 22876 Microsoft Internet Explorer Memory Corruption (CVE-2013-3871)(MS13-080)
Added: 22877 Microsoft Internet Explorer Memory Corruption (CVE-2013-3886)(MS13-080)
Added: 22870 Microsoft Internet Explorer Memory Corruption (CVE-2013-3875)(MS13-080)
Added: 22871 Microsoft Internet Explorer Memory Corruption (CVE-2013-3873)(MS13-080)
Modified: 29002 Web Service Remote Cross-Site Scripting

发布时间:2013-10-17 18:22:15
名称: eoi.unify.rulepatch.5.6.7.404.rule 版本:5.6.7.404
MD5:8c45b33132175c1953a0ae0f10b4be7d 大小:9.98M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 29002 Web服务远程跨站脚本执行攻击
修改: 50099 网络游戏平台中国游戏中心登录





NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 29002 Web Service Remote Cross-Site Scripting
Modified: 50099 Online Game Platform "chinagames.net" Login

发布时间:2013-10-10 18:49:18
名称: eoi.unify.rulepatch.5.6.7.403.rule 版本:5.6.7.403
MD5:5a28ef0a6edc19bb6e748d32a6bbb16f 大小:9.99M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 21175 Microsoft Windows "CreateSizedDIBSECTION()"缩略视图栈缓冲区溢出漏洞
修改: 29002 Web服务远程跨站脚本执行攻击

SFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 21175 Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability
Modified: 29002 Web Service Remote Cross-Site Scripting

发布时间:2013-10-03 17:32:18
名称: eoi.unify.rulepatch.5.6.7.402.rule 版本:5.6.7.402
MD5:67cd1e2d5d7006b2c6dbc7ffe3017503 大小:9.97M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22869 Microsoft Internet Explorer MSHTML 远程代码执行漏洞 (CVE-2013-3893)
新增: 22864 Microsoft SharePoint跨站脚本执行漏洞(CVE-2013-3180)(MS13-067)
新增: 22868 Mozilla Firefox/Thunderbird/SeaMonkey XMLSerializer释放后重用远程代码执行漏洞(CVE-2013-0753)
新增: 22867 HP LoadRunner远程代码执行漏洞 (CVE-2013-4798)
新增: 22861 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3209)(MS13-069)
新增: 22866 Microsoft IE CFlatMarkupPointer释放后重用漏洞(MS13-059 )
新增: 22862 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3206)(MS13-069)
新增: 22865 Microsoft IE CAnchorElement释放后重用漏洞(MS13-055)
新增: 22856 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3205)(MS13-069)
新增: 22860 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3845)(MS13-069)
新增: 22863 Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3203)(MS13-069)
新增: 30625 Microsoft FrontPage信息泄露漏洞(CVE-2013-3137)(MS13-078)
新增: 30626 GE Proficy CIMPLICITY目录遍历和远程命令执行漏洞
新增: 22854 D-Link设备未经身份验证的缓冲区溢出漏洞
新增: 22855 D-Link设备认证远程命令执行
新增: 22858 HP StorageWorks P4000虚拟SAN应用登陆缓冲区溢出攻击
新增: 22859 SPIP connect参数PHP脚本命令注入

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22869 Microsoft Internet Explorer MSHTML Remote Code Execution Vulnerability (CVE-2013-3893)
Added: 22864 Microsoft SharePoint Cross Site Script (CVE-2013-3180)(MS13-067)
Added: 22868 Firefox XMLSerializer Use After Free
Added: 22867 HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
Added: 22861 Microsoft Internet Explorer Memory Corruption (CVE-2013-3209)(MS13-069)
Added: 22866 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free(MS13-059)
Added: 22862 Microsoft Internet Explorer Memory Corruption (CVE-2013-3206)(MS13-069)
Added: 22865 Microsoft Internet Explorer CAnchorElement Use-After-Free(MS13-055)
Added: 22856 Microsoft Internet Explorer Memory Corruption (CVE-2013-3205)(MS13-069)
Added: 22860 Microsoft Internet Explorer Memory Corruption (CVE-2013-3845)(MS13-069)
Added: 22863 Microsoft Internet Explorer Memory Corruption (CVE-2013-3203)(MS13-069)
Added: 30625 Microsoft FrontPage Information Disclosure(CVE-2013-3137)(MS13-078)
Added: 30626 GE Proficy Cimplicity WebView substitute.bcl Directory Traversal
Added: 22854 D-Link Devices Unauthenticated Remote Command Execution
Added: 22855 D-Link Devices Authenticated Remote Command Execution
Added: 22858 HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
Added: 22859 SPIP connect Parameter PHP Injection

发布时间:2013-09-27 12:00:25
名称: eoi.unify.rulepatch.5.6.7.401.rule 版本:5.6.7.401
MD5:06ea356dc46973bc80f52a26791e133f 大小:9.97M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22858 HP StorageWorks P4000虚拟SAN应用登陆缓冲区溢出攻击
新增: 22855 D-Link设备认证远程命令执行
新增: 22854 D-Link设备未经身份验证的缓冲区溢出漏洞
新增: 22859 SPIP connect参数PHP脚本命令注入
新增: 22849 Oracle Endeca服务器远程命令执行
新增: 22848 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3207)(MS13-069)
新增: 22846 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3202)(MS13-069)
新增: 22850 Graphite Web不安全的Pickle处理
新增: 10362 Microsoft SharePoint 拒接服务漏洞 (CVE-2013-0081)(MS13-067)
新增: 22845 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3204 )(MS13-069)
新增: 22847 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3208)(MS13-069)
新增: 22869 Microsoft Internet Explorer MSHTML 远程代码执行漏洞 (CVE-2013-3893)
修改: 40688 ARP协议MAC地址欺骗攻击

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22858 HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
Added: 22855 D-Link Devices Authenticated Remote Command Execution
Added: 22854 D-Link Devices Unauthenticated Remote Command Execution
Added: 22859 SPIP connect Parameter PHP Injection
Added: 22849 Oracle Endeca Server Remote Command Execution
Added: 22848 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3207)(MS13-069)
Added: 22846 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3202)(MS13-069)
Added: 22850 Graphite Web Unsafe Pickle Handling
Added: 10362 Microsoft SharePoint Denial of Service Vulnerability (CVE-2013-0081)(MS13-067)
Added: 22845 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3204 )(MS13-069)
Added: 22847 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3208)(MS13-069)
Added: 22869 Microsoft Internet Explorer MSHTML Remote Code Execution Vulnerability (CVE-2013-3893)
Modified: 40688 ARP Protocl MAC Address Spoofing

发布时间:2013-09-18 17:50:32
名称: eoi.unify.rulepatch.5.6.7.400.rule 版本:5.6.7.400
MD5:46aacd78e3e572796b642ef6e6661530 大小:9.95M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 21517 IBM WebSphere Application Server跨站脚本漏洞
修改: 21616 Squid NTLM Authentication Password溢出漏洞
修改: 22802 Apache Tomcat mod_jk二进制代码执行攻击
修改: 50099 网络游戏平台中国游戏中心登录

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 21517 IBM WebSphere Application Server Cross-Site Scripting Vulnerability
Modified: 21616 Squid NTLM Authentication Password Overflow Vulnerability
Modified: 22802 Apache Tomcat mod_jk Arbitrary Code Execution
Modified: 50099 Online Game Platform "chinagames.net" Login

发布时间:2013-09-12 17:59:44
名称: eoi.unify.rulepatch.5.6.7.329.rule 版本:5.6.7.329
MD5:9bf590d0503970ec5b1c0a034184d72e 大小:9.96M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 21456 BEA WebLogic JSESSIONID Cookie值溢出漏洞
修改: 21517 IBM WebSphere Application Server跨站脚本漏洞

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Modified: 21456 BEA WebLogic JSESSIONID Cookie Value Overflow Vulnerability
Modified: 21517 IBM WebSphere Application Server Cross-Site Scripting Vulnerability

发布时间:2013-09-05 15:55:56
名称: eoi.unify.rulepatch.5.6.7.328.rule 版本:5.6.7.328
MD5:dc43f188c3d2fd157b8888bcdbe4355d 大小:9.33M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22834 Exodesk PHP桌面平台faq.php id参数SQL注入(FullAspSite)
修改: 40479 木马后门程序Bigorna木马通信

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22834 Exodesk PHP Desk faq.php id Parameter SQL Injection (FullAspSite)
Modified: 40479 Backdoor/Trojan Bigorna Communication

发布时间:2013-08-29 19:00:00
名称: eoi.unify.rulepatch.5.6.7.327.rule 版本:5.6.7.327
MD5:49fc2a1b8406872e4b15aad4ccfedcf8 大小:9.96M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22839 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3191)(MS13-059)
新增: 22837 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3188) (MS13-059)
新增: 22838 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3189)(MS13-059)
新增: 22842 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3199)(MS13-059)
新增: 22840 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3193) (MS13-059)
新增: 22841 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3194)(MS13-059)
新增: 22835 Microsoft Internet Explorer 内存泄漏漏洞 (CVE-2013-3184)(MS13-059 )
修改: 50099 网络游戏平台中国游戏中心登录

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22839 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3191)(MS13-059)
Added: 22837 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3188)(MS13-059)
Added: 22838 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3189)(MS13-059)
Added: 22842 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3199)(MS13-059)
Added: 22840 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3193)(MS13-059)
Added: 22841 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3194)(MS13-059)
Added: 22835 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3184)(MS13-059 )
Modified: 50099 Online Game Platform "chinagames.net" Login

发布时间:2013-08-22 19:09:07
名称: eoi.unify.rulepatch.5.6.7.326.rule 版本:5.6.7.326
MD5:b540f7dd3740c6afa71df4a29182184a 大小:9.97M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22831 Firefox 17 JavaScript 远程代码执行漏洞
修改: 50099 网络游戏平台中国游戏中心登录

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22831 Firefox 17 JavaScript Remote Code Execution
Modified: 50099 Online Game Platform "chinagames.net" Login

发布时间:2013-08-15 17:49:46
名称: eoi.unify.rulepatch.5.6.7.325.rule 版本:5.6.7.325
MD5:2915f1fb842e7ddd72eb7f732e9e2e5e 大小:9.83M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22797 Apple Quicktime 7无效Atom长度缓冲区溢出攻击
新增: 22799 D-Link Devices UPnP SOAP命令注入
新增: 22798 HP Managed Printing Administration jobAcct远程命令执行
修改: 50099 网络游戏平台中国游戏中心登录

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22797 Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Added: 22799 D-Link Devices UPnP SOAP Command Execution
Added: 22798 HP Managed Printing Administration jobAcct Remote Command Execution
Modified: 50099 Online Game Platform "chinagames.net" Login

发布时间:2013-08-08 15:55:37
名称: eoi.unify.rulepatch.5.6.7.324.rule 版本:5.6.7.324
MD5:a276e152c9fee676ff60229cd0bd5552 大小:9.83M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 10352 WordPress crypt_private()远程拒绝服务漏洞
新增: 22788 Microsoft Internet Explorer 内存破坏漏洞 (CVE-2013-3146)(MS13-055)
新增: 22791 Microsoft Internet Explorer 内存破环漏洞 (CVE-2013-3150)(MS13-055)
修改: 50099 网络游戏平台中国游戏中心登录

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 10352 WordPress crypt_private() Remote DoS Vulnerability
Added: 22788 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3146)(MS13-055)
Added: 22791 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3150)(MS13-055)
Modified: 50099 Online Game Platform "chinagames.net" Login

发布时间:2013-08-01 16:07:43
名称: eoi.unify.rulepatch.5.6.7.323.rule 版本:5.6.7.323
MD5:00160956f66fd846a57cb50cab9c6e35 大小:9.82M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 30614 多款Canon打印机远程信息泄露漏洞(CVE-2013-4614)
新增: 22795 ZPanel 10.0.0.2 htpasswd模块用户名命令注入漏洞
新增: 22794 LibrettoCMS文件管理器二进制文件上传漏洞
新增: 22793 Havalite CMS二进制文件上传漏洞
修改: 50054 TELNET服务用户执行su命令

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 30614 Canon Printer Wireless Configuration Disclosure
Added: 22795 ZPanel 10.0.0.2 htpasswd Module Username Command Execution
Added: 22794 LibrettoCMS File Manager Arbitary File Upload Vulnerability
Added: 22793 Havalite CMS Arbitary File Upload Vulnerability
Modified: 50054 su Command Execution in TELNET Service

发布时间:2013-07-25 17:52:00
名称: eoi.unify.rulepatch.5.6.7.322.rule 版本:5.6.7.322
MD5:8eaab4b6c8ff138568620aec4b3d93f0 大小:9.82M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
修改: 22796 Apache Struts远程代码执行漏洞 (CVE-2013-2251)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Modified: 22796 Apache Struts Remote Code Execution(CVE-2013-2251)

发布时间:2013-07-19 19:14:51
名称: eoi.unify.rulepatch.5.6.7.319.rule 版本:5.6.7.319
MD5:f5cc44f79c4e219c097eb3a4f4adb9bc 大小:9.79M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.74,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增:22769 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3119)(MS13-047)
新增:22771 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3123)(MS13-047)
新增:22772 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3139)(MS13-047)
新增:22770 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3121)(MS13-047)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.74.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22769 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3119)(MS13-047)
Added: 22771 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3123)(MS13-047)
Added: 22772 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3139)(MS13-047)
Added: 22770 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3121)(MS13-047)

发布时间:2013-07-11 17:55:11
名称: eoi.unify.rulepatch.5.6.7.318.rule 版本:5.6.7.318
MD5:f09cd33d34fb7c88926e25e5f8122fe0 大小:8.47M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22733 IBM SPSS SamplePower c1sizer ActiveX控件缓冲区溢出漏洞(CVE-2012-5946)
新增: 22764 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3116)(MS13-047)
新增: 22759 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3117)(MS13-047)
新增: 22768 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3118)(MS13-047)
新增: 22763 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3111)(MS13-047)
新增: 22757 Lianja SQL Server 'db_netserver' 远程栈缓冲区溢出漏洞(CVE-2013-3563)
新增: 22762 SevOne网络性能管理应用程序暴力猜测
新增: 10345 MiniUPnP SSDP处理程序ProcessSSDPRequest函数拒绝服务漏洞
修改: 50054 TELNET服务用户执行su命令


NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22733 IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
Added: 22764 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3116)(MS13-047)
Added: 22759 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3117)(MS13-047)
Added: 22768 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3118)(MS13-047)
Added: 22763 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3111)(MS13-047)
Added: 22757 Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
Added: 22762 SevOne Network Performance Management Application Brute Force Login Utility
Added: 10345 MiniUPnPd 1.4 Denial of Service (DoS) Exploit
Modified: 50054 su Command Execution in TELNET Service

发布时间:2013-07-04 15:59:28
名称: eoi.unify.rulepatch.5.6.7.317.rule 版本:5.6.7.317
MD5:a3ca02b359d77f140cbd8a4d38b71136 大小:9.52M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增:22758 Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3110)(MS13-047)
修改:10051 Microsoft SQL Server 2000 Resolution服务远程堆破坏拒绝服务攻击
修改:29001 Web服务远程SQL注入攻击可疑行为


NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22758 Microsoft Internet Explorer Memory Corruption Vulnerability(CVE-2013-3110)(MS13-047)
Modified: 10051 Microsoft SQL Server 2000 Resolution Service Remote Heap Corruption Denial of Service
Modified: 29001 Web Service Remote SQL Injection Suspicious Behavior

发布时间:2013-06-27 17:48:36
名称: eoi.unify.rulepatch.5.6.7.316.rule 版本:5.6.7.316
MD5:c4b86db6c986fd06846d290b9402bf3c 大小:9.54M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22754 EMC AlphaStor LCP缓冲区溢出漏洞
新增: 22755 ECshop补丁植入后门窃取敏感信息
新增: 22738 D-Link DIR615h OS命令注入漏洞
新增: 22741 ColdFusion 'password.properties'散列提取
新增: 22747 Linksys WRT160nv2 apply.cgi远程命令注入漏洞
新增: 22735 Plesk Apache 远程代码执行漏洞
新增: 22737 DedeCMS变量注入二次SQL注入漏洞
修改: 50054 TELNET服务用户执行su命令





NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22754 EMC AlphaStor LCP Buffer Overflow Vulnerability
Added: 22755 ECshop Patch Implant Back Door Steal Sensitive Information
Added: 22738 D-Link DIR615h OS Command Injection
Added: 22741 ColdFusion 'password.properties' Hash Extraction
Added: 22747 Linksys WRT160nv2 apply.cgi Remote Command Injection
Added: 22735 Plesk Apache Remote Code Execution Vulnerability
Added: 22737 Dedecms Variable Secondary Use SQL Injection Vulnerability
Modified: 50054 su Command Execution in TELNET Service

发布时间:2013-06-21 02:27:57
名称: eoi.unify.rulepatch.5.6.7.315.rule 版本:5.6.7.315
MD5:240cb35867e7ee2b21ff4f487167034d 大小:10.09M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22726 Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1312)(MS13-037)
新增: 22727 Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1311)(MS13-037)
修改: 50100 网络游戏平台浩方对战登录





NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22726 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability(CVE-2013-1312)(MS13-037)
Added: 22727 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability (CVE-2013-1311)(MS13-037)
Modified: 50100 Online Game Platform "cga.com.cn" Login

发布时间:2013-06-13 17:23:21
名称: eoi.unify.rulepatch.5.6.7.314.rule 版本:5.6.7.314
MD5:f576c9328d35dee309f27e8ac12ffef1 大小:10.09M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22731 Ruby on Rails 远程代码执行漏洞利用(CVE-2013-0156)
新增: 22728 Java 7 SE 内存破坏远程代码执行漏洞(CVE-2013-1491)
新增: 22725 Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1309)(MS13-037)
新增: 22724 Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1307)(MS13-037)
新增: 10443 Microsoft Windows 'HTTP.sys'远程拒绝服务漏洞 (CVE-2013-1305)(MS13-039)
修改: 50100 网络游戏平台浩方对战登录





NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22731 Ruby on Rails Remote Code Execution Vulnerability(CVE-2013-0156)
Added: 22728 Java 7 SE Memory Corruption Remote Code Execution Vulnerability(CVE-2013-1491)
Added: 22725 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability(CVE-2013-1309)(MS13-037)
Added: 22724 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability (CVE-2013-1307)(MS13-037)
Added: 10443 Microsoft Windows HTTP.sys Remote Denial of Service Vulnerability(CVE-2013-1305)(MS13-039)
Modified: 50100 Online Game Platform "cga.com.cn" Login

发布时间:2013-06-06 15:19:26
名称: eoi.unify.rulepatch.5.6.7.313.rule 版本:5.6.7.313
MD5:557683962b8349e4cf94b8f1b7f5228e 大小:10.05M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22723 UCenter Home 2.0 musicbox 插件SQL注入漏洞
新增: 22722 Apache Struts2远程代码执行漏洞(S2-013)
新增: 22718 DVRHOST PDVRATL.DLL ActiveX控件堆缓冲区溢出漏洞
新增: 22719 Namo Web Editor 'NamoInstaller.dll' ActiveX控件任意命令执行漏洞
新增: 22720 Microsoft SQL Server分布式管理系统缓冲区溢出漏洞
新增: 22721 iMesh 'IMWebControl' ActiveX远程堆溢出漏洞
新增: 22716 Microsoft Internet Explorer JSON 数组信息泄露漏洞(CVE-2013-1297)(MS13-037)
新增: 22717 雅虎Music Jukebox AddImage Function ActiveX控件远程栈溢出攻击
修改: 50100 网络游戏平台浩方对战登录


NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22723 UCenter Home 2.0 musicbox Plugin SQL Injection Vulnerability
Added: 22722 Apache Struts2 Remote Command Execution(S2-013)
Added: 22718 DVRHOST PDVRATL.DLL ActiveX Remote Buffer Overflow Vulnerability
Added: 22719 Namo Web Editor 'NamoInstaller.dll' ActiveX Control Arbitrary Command Execution Vulnerability
Added: 22720 Microsoft SQL Server Distributed Management Objects Buffer Overflow Vulnerability
Added: 22721 iMesh 'IMWebControl' ActiveX Remote Heap Overflow Vulnerability
Added: 22716 Microsoft Internet Explorer JSON Array Information Disclosure Vulnerability (CVE-2013-1297)
Added: 22717 Yahoo! Music Jukebox AddImage Function ActiveX Remote Buffer Overflow Vulnerability
Modified: 50100 Online Game Platform "cga.com.cn" Login

发布时间:2013-05-30 17:21:09
名称: eoi.unify.rulepatch.5.6.7.312.rule 版本:5.6.7.312
MD5:b794b82afa0090547e01434d83531082 大小:10.06M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22714 Adobe ColdFusion /CFIDE/adminapi/customtags/l10n.cfm 目录遍历漏洞 (CVE-2013-3336)
新增: 22715 APT/Crime Pack网络攻击流量特征
新增: 22708 Microsoft IE 8浏览器恶意代码攻击
修改: 21395 Microsoft XML核心服务XMLHTTP控件内存破坏漏洞
修改: 21420 Microsoft IE非法事件操作内存破坏漏洞(MS10-002)
修改: 50158 Telnet服务IAC选项炸弹攻击




NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22714 Adobe ColdFusion /CFIDE/adminapi/customtags/l10n.cfm Directory Traversal Vulnerability(CVE-2013-3336)
Added: 22715 APT/Crime Pack Network Attack Traffic Characteristics
Added: 22708 Microsoft IE 8 Browser Malicious Code Attack
Modified: 21395 Microsoft XML Core Server XMLHTTP Control Memory Corruption Vulnerability
Modified: 21420 Microsoft IE Illegal Event Operation Memory Corruption Vulnerability(MS10-002)
Modified: 50158 Telnet Service IAC Option Bomb

发布时间:2013-05-23 17:19:03
名称: eoi.unify.rulepatch.5.6.7.311.rule 版本:5.6.7.311
MD5:c62c2e2e8fc921d77076caf1634e5252 大小:10.01M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。

规则新增或更新列表:
新增: 22708 Microsoft IE 8浏览器恶意代码攻击
新增:30610 ColdFusion 9 / 10 远程目录遍历漏洞
新增:22712 nginx ngx_http_parse.c chunk处理栈溢出漏洞
新增:41046 漏洞扫描器X-Scan CGI漏洞扫描操作
新增:41047 Web应用漏洞扫描器Nikto扫描操作
新增:21711 Huawei AR系列路由器SNMPv3 缓冲器溢出漏洞
新增:21712 nginx ngx_http_parse.c chunk处理栈溢出漏洞
新增:22707 Microsoft IE 8释放后重用远程代码执行漏洞(CVE-2013-1347)

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:
Added: 22708 Microsoft IE 8 Browser Malicious Code Attack
Added: 30610 ColdFusion 9 / 10 Remote Directory Traversal Vulnerability
Added: 22712 nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
Added: 41046 Vulnerability Scanner X-Scan CGI Scan Operation
Added: 41047 Web Application Vulnerability Scanner Nikto Scan Operation
Added: 22711 Huawei AR Series Router SNMPv3 Buffer Overflows Vulnerability
Added: 22712 nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
Added: 22707 Microsoft IE 8 Use After Free Remote Code Execution Vulnerability(CVE-2013-1347)

发布时间:2013-05-16 14:17:09
名称: eoi.unify.rulepatch.5.6.7.310.rule 版本:5.6.7.310
MD5:d0215b56833b070960f838cd8c8b26e2 大小:9.99M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22707 Microsoft IE 8远程代码执行漏洞(CVE-2013-1347)
修改: 50098 Windows系统远程管理工具Remote Administrator用户认证

NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22707 Microsoft Internet Explorer Remote Code Execution Vulnerability(CVE-2013-1347)
Modified: 50098 Windows Remote Management Tool Remote Administrator Authentication

发布时间:2013-05-04 19:37:31
名称: eoi.unify.rulepatch.5.6.7.309.rule 版本:5.6.7.309
MD5:473534ad1753550c66cc7b42c01b2f54 大小:9.26M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22700 Linksys E1500 URL 重定向漏洞
修改: 50147 DB2数据库管理服务回应



NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22700 Linksys E1500 URL Redirection Vulnerability
Modified: 50147 DB2 Database Management Service Response

发布时间:2013-05-02 15:14:33
名称: eoi.unify.rulepatch.5.6.7.308.rule 版本:5.6.7.308
MD5:f82a85097bc5f9ccaebbe25a43068442 大小:9.26M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 30604 WHMCS grouppay 插件SQL注入漏洞
新增: 30605 PHP-AddressBook v6.2.4 SQL 注入漏洞
新增: 22698 PHP-AddressBook v6.2.4 跨站脚本漏洞
新增: 30603 phpVMS Virtual Airline Administration 'itemid' 参数 SQL注入漏洞
新增: 22696 Netgear DGN1000B setup.cgi 远程命令注入漏洞
新增: 22697 Linksys E1500/E2500 apply.cgi 远程命令注入漏洞
新增: 22695 BigAnt Server 2.97 DDNF 用户名字段溢出漏洞
新增: 30602 AXIGEN Mail Server "fileName"任意文件泄露和删除漏洞
修改: 50109 网络游戏石器时代客户端连接服务器





NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 30604 WHMCS grouppay plugin SQL Injection <= 1.5
Added: 30605 PHP-AddressBook v6.2.4 SQL INJECTION
Added: 22698 PHP-AddressBook v6.2.4 XSS Vulnerability
Added: 30603 phpVMS Virtual Airline Administration 'itemid' Parameter SQL Injection Vulnerability
Added: 22696 Netgear DGN1000B setup.cgi Remote Command Execution
Added: 22697 Linksys E1500/E2500 apply.cgi Remote Command Injection
Added: 22695 BigAnt Server 2.97 DDNF Username Buffer Overflow
Added: 30602 Axigen Arbitrary File Read and Delete
Modified: 50109 Online Game "Stone Age"Client Connect Server

发布时间:2013-04-25 17:23:20
名称: eoi.unify.rulepatch.5.6.7.307.rule 版本:5.6.7.307
MD5:f4c7c3b8d7bb28af69f69db2dc9ae192 大小:9.30M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 10341 DDOS工具攻击告警
新增: 10342 PostgreSQL远程拒绝服务和代码执行漏洞
新增: 22687 MongoDB nativeHelper.apply 远程代码注入漏洞
新增: 22688 ESPCMS Cookie ecisp_order_list 参数SQL注入漏洞
新增: 22689 Plesk Panel远程命令执行漏洞(CVE-2012-1557)
新增: 22690 Adobe ColdFusion 远程命令执行(APSB13-03)
新增: 22691 Adobe ColdFusion 认证绕过漏洞(APSB13-03)
新增: 22693 Microsoft Remote Desktop ActiveX控件远程代码执行漏洞(CVE-2013-1296)(MS13-029)
新增: 30601 Adobe ColdFusion 目录遍历漏洞(APSB13-03)
新增: 30602 AXIGEN Mail Server "fileName"任意文件泄露和删除漏洞
修改: 50101 网络游戏泡泡堂客户端连接服务器





NSFOCUS NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 10341 DDOS tool attacking detection
Added: 10342 PostgreSQL Denial of Service And Remote Code Execution Vulnerability
Added: 22687 MongoDB nativeHelper.apply Remote Code Execution
Added: 22688 ESPCMS Cookie ecisp_order_list Parameter SQL Injection Vulnerability
Added: 22689 Plesk Panel Remote Command Execution Vulnerability(CVE-2012-1557)
Added: 22690 Adobe ColdFusion APSB13-03 Arbitrary Command Execution
Added: 22691 Adobe ColdFusion APSB13-03 Authentication Bypass
Added: 22693 Microsoft Remote Desktop ActiveX Control Remote Code Execution(CVE-2013-1296)(MS13-029)
Added: 30601 Adobe ColdFusion APSB13-03 Directory Traversal Vulnerability
Added: 30602 Axigen Arbitrary File Read and Delete
Modified: 50101 Online Game "paopaotang" Client Connect Server

发布时间:2013-04-18 16:52:22
名称: eoi.unify.rulepatch.5.6.7.306.rule 版本:5.6.7.306
MD5:8018908577d16456223a40f1d1265335 大小:9.96M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 20278 POP3服务AUTH命令超长参数溢出攻击
修改: 21328 Oracle Java远程代码执行攻击
修改: 22686 Mutiny命令注入漏洞(CVE-2012-3001)
修改: 50170 远程控制管理工具PcAnywhere登录连接





NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 20278 POP3 Service AUTH Command Over-Long Parameter Buffer Overflow
Modified: 21328 Oracle Java Remote Code Execution Attack
Modified: 22686 Mutiny Remote Command Execution(CVE-2012-3001)
Modified: 50170 Remote Management Tool PcAnywhere Login Connection

发布时间:2013-04-11 20:00:47
名称: eoi.unify.rulepatch.5.6.7.305.rule 版本:5.6.7.305
MD5:9036168fdde42c62d2903573c47eb813 大小:9.96M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22680 Apache Struts ParametersInterceptor远程命令执行
新增: 22684 EMC AlphaStor NetWorker命令处理器命令注入漏洞
修改: 50054 TELNET服务用户执行su命令





NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22680 Apache Struts ParametersInterceptor Remote Code Execution
Added: 22684 EMC AlphaStor Device Manager Command Execution
Modified: 50054 su Command Execution in TELNET Service

发布时间:2013-04-03 15:52:05
名称: eoi.unify.rulepatch.5.6.7.304.rule 版本:5.6.7.304
MD5:a9468d7bf247a5582c012b9dd1371312 大小:9.95M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.67,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22676 Ruby on Rails attr_protected 远程安全绕过漏洞(CVE-2013-0276)
新增: 22677 PolarPearCms PHP 文件上传漏洞
新增: 22678 OpenPLI Webif 任意命令执行漏洞
修改: 50035 IMAP服务用户认证成功





NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.67.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22676 Ruby on Rails attr_protected Security Bypass Vulnerability(CVE-2013-0276)
Added: 22677 PolarPearCms PHP File Upload Vulnerability
Added: 22678 OpenPLI Webif Arbitrary Command Execution
Modified: 50035 IMAP Service User Authentication Success

发布时间:2013-03-28 14:51:40
名称: eoi.unify.rulepatch.5.6.7.303.rule 版本:5.6.7.303
MD5:92004cd74821444f0a89e9f3f2e53438 大小:8.95M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。


规则新增或更新列表:
新增: 22662 Microsoft Visio Viewer VSD文件格式远程代码执行漏洞(CVE-2013-0079)(MS13-023)
新增: 22663 Microsoft SharePoint 回调函数权限提升漏洞(CVE-2013-0080)(MS13-024)
新增: 22664 Microsoft SharePoint 跨站脚本漏洞(CVE-2013-0083)(MS13-024)
新增: 22665 Microsoft Internet Explorer OnResize 释放后重用远程代码执行漏洞(CVE-2013-0087)(MS13-021)
新增: 22666 Microsoft Internet Explorer saveHistory 释放后重用远程代码执行漏洞(CVE-2013-0088)(MS13-021)
新增: 22667 Microsoft Internet Explorer CMarkupBehavio释放后重用远程代码执行漏洞(CVE-2013-0089)(MS13-021)
新增: 22668 Microsoft Internet Explorer CCaret 释放后重用远程代码执行漏洞(CVE-2013-0090)(MS13-021)
新增: 22669 Microsoft Internet Explorer CElement 释放后重用远程代码执行漏洞(CVE-2013-0091)(MS13-021)
新增: 22670 Microsoft Internet Explorer GetMarkupPtr 释放后重用远程代码执行漏洞(CVE-2013-0092)(MS13-021)
新增: 22671 Microsoft Internet Explorer onBeforeCopy 释放后重用远程代码执行漏洞(CVE-2013-0093)(MS13-021)
新增: 22672 Microsoft Internet Explorer removeChild 释放后重用远程代码执行漏洞(CVE-2013-0094)(MS13-021)
新增: 22674 多个HP LaserJet Pro Printer远程debug telnet shell漏洞(CVE-2012-5215)
新增: 22675 TP-Link 无线路由器后门利用
新增: 30598 Microsoft SharePoint 目录遍历漏洞(CVE-2013-0084)(MS13-024)
新增: 30599 Microsoft OneNote 信息泄露漏洞(CVE-2013-0086) (MS13-025)
修改: 50035 IMAP服务用户认证





NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.


List of added or modified signatures:
Added: 22662 Microsoft Visio Viewer VSD File Format Remote Code Execution(CVE-2013-0079)(MS13-023)
Added: 22663 Microsoft SharePoint Callback Function Elevation of Privilege (CVE-2013-0080)(MS13-024)
Added: 22664 Microsoft SharePoint XSS(CVE-2013-0083)(MS13-024)
Added: 22665 Microsoft Internet Explorer OnResize Use After Free Remote Code Execution(CVE-2013-0087)(MS13-021)
Added: 22666 Microsoft Internet Explorer saveHistory Use After Free Remote Code Execution(CVE-2013-0088)(MS13-021)
Added: 22667 Microsoft Internet Explorer CMarkupBehavio Use After Free Remote Code Execution(CVE-2013-0089)(MS13-021)
Added: 22668 Microsoft Internet Explorer CCaret Use After Free Remote Code Execution(CVE-2013-0090)(MS13-021)
Added: 22669 Microsoft Internet Explorer CElement Use After Free(CVE-2013-0091)(MS13-021)
Added: 22670 Microsoft Internet Explorer GetMarkupPtr Use After Free Remote Code Execution(CVE-2013-0092)(MS13-021)
Added: 22671 Microsoft Internet Explorer onBeforeCopy Use After Free Remote Code Execution (CVE-2013-0093)(MS13-021)
Added: 22672 Microsoft Internet Explorer removeChild Use After Free Remote Code Execution(CVE-2013-0094)(MS13-021)
Added: 22674 HP LaserJet Pro Printer Remote debug telnet shell Backdoor(CVE-2012-5215)
Added: 22675 TP-Link Router Backdoor Exploit
Added: 30598 Microsoft SharePoint Directory Traversal(CVE-2013-0084)(MS13-024)
Added: 30599 Microsoft OneNote Information Disclosure(CVE-2013-0086) (MS13-025)
Modified: 50035 IMAP Service User Authentication

发布时间:2013-03-21 15:52:41
名称: eoi.unify.rulepatch.5.6.7.301.rule 版本:5.6.7.301
MD5:789e0879a0effcd600c6501db652ce31 大小:9.87M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。

规则新增或更新列表:
新增: 22652 Movable Type Web 升级模块远程代码执行漏洞
新增: 22653 php-Charts 'url.php'任意PHP代码执行漏洞
修改: 22639 Microsoft Internet Explorer SLayoutRun释放后重用远程代码执行漏洞(MS13-009)


NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 22652 Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
Added: 22653 PHP-Charts v1.0 PHP Code Execution Vulnerability
Modified: 22639 Microsoft Internet Explorer SLayoutRun Use After Free Remote Code Excuted(MS13-009)

发布时间:2013-03-07 16:13:01
名称: eoi.unify.rulepatch.5.6.7.300.rule 版本:5.6.7.300
MD5:2ed1a6e111b528400a69fb50ef5afcce 大小:9.85M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:

新增: 22647 EMC NetWorker 'nsrindexd' RPC服务缓冲区溢出漏洞
新增: 22633 Microsoft Internet Explorer SetCapture释放后重用远程代码执行漏洞(MS13-009)
新增: 22634 Microsoft Internet Explorer COmWindowProxy释放后重用远程代码执行漏洞(MS13-009)
新增: 22635 Microsoft Internet Explorer CMarkup释放后重用远程代码执行漏洞(MS13-009)
新增: 22636 Microsoft Internet Explorer vtable释放后重用远程代码执行漏洞(MS13-009)
新增: 22637 Microsoft Internet Explorer LsGetTrailInfo释放后重用远程代码执行漏洞(MS13-009)
新增: 22638 Microsoft Internet Explorer pasteHTML释放后重用远程代码执行漏洞(MS13-009)
新增: 22639 Microsoft Internet Explorer SLayoutRun释放后重用远程代码执行漏洞(MS13-009)
新增: 22640 Microsoft Internet Explorer CPasteComma释放后重用远程代码执行漏洞(MS13-009)
新增: 22641 Microsoft Internet Explorer CObjectElem释放后重用远程代码执行漏洞(MS13-009)
新增: 22642 Microsoft Internet Explorer CHTML 释放后重用远程代码执行漏洞(MS13-009)
新增: 22643 Microsoft Internet Explorer Vector Markup Language 内存破坏漏洞(CVE-2013-0030)(MS13-010)
新增: 22644 Microsoft DirectShow 远程代码执行漏洞(CVE-2013-0077) (MS13-011)
新增: 22645 Microsoft Windows Object Linking and Embedding (OLE) Automation远程代码执行漏洞(MS13-020)



NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:

Added: 22647 EMC NetWorker 'nsrindexd' RPC Service Buffer Overflow Vulnerability
Added: 22633 Microsoft Internet Explorer SetCapture Use After Free Remote Code Execution(MS13-009)
Added: 22634 Microsoft Internet Explorer COmWindowProxy Use After Free Remote Code Execution(MS13-009)
Added: 22635 Microsoft Internet Explorer CMarkup Use After Free Remote Code Execution(MS13-009)
Added: 22636 Microsoft Internet Explorer vtable Use After Free Remote Code Execution(MS13-009)
Added: 22637 Microsoft Internet Explorer LsGetTrailInfo Use After Free Remote Code Execution(MS13-009)
Added: 22638 Microsoft Internet Explorer pasteHTML Use After Free Remote Code Execution(MS13-009)
Added: 22639 Microsoft Internet Explorer SLayoutRun Use After Free Remote Code Excuted(MS13-009)
Added: 22640 Microsoft Internet Explorer CPasteComma Use After Free Remote Code Execution(MS13-009)
Added: 22641 Microsoft Internet Explorer CObjectElem Use After Free Remote Code Execution(MS13-009)
Added: 22642 Microsoft Internet Explorer CHTML Use After Free Remote Code Execution(MS13-009)
Added: 22643 Microsoft Internet Explorer Vector Markup Language Memory Corruption(CVE-2013-0030)(MS13-010)
Added: 22644 Microsoft DirectShow Remote Code Execution(CVE-2013-0077) (MS13-011)
Added: 22645 Microsoft Windows Object Linking and Embedding (OLE) Automation Remote Code Execution(MS13-020)

发布时间:2013-02-28 16:36:20
名称: eoi.unify.rulepatch.5.6.7.299.rule 版本:5.6.7.299
MD5:c72ebf2dfd933e8e77e86cf3b0a05897 大小:9.96M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。

规则新增或更新列表:
新增: 22615 PHPCMS V9版本帐号管理页面POST参数SQL注入漏洞




NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 22615 PHPCMS V9 Account Manage POST Parameter SQL Injection Vulnerability

发布时间:2013-02-21 14:51:41
名称: eoi.unify.rulepatch.5.6.7.298.rule 版本:5.6.7.298
MD5:5675ddc21db3113c30983d5987caec28 大小:9.96M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。

规则新增或更新列表:
新增: 10338 Microsoft Windows SSL远程拒绝服务漏洞(MS04-011)




NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 10338 Microsoft Windows SSL Remote DoS Vulnerability

发布时间:2013-02-14 09:56:25
名称: eoi.unify.rulepatch.5.6.7.297.rule 版本:5.6.7.297
MD5:43061f80c84e2ddae78d9e030237e3ce 大小:9.96M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。

规则新增或更新列表:
新增: 22630 Icinga history.cgi "show_history()" 缓冲区溢出漏洞




NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 22630 Icinga history.cgi "show_history()" Buffer Overflow Vulnerability

发布时间:2013-02-07 08:45:44
名称: eoi.unify.rulepatch.5.6.7.296.rule 版本:5.6.7.296
MD5:81b6e39dc77df186f890e3b9bbf6a2fe 大小:9.96M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。

规则新增或更新列表:
新增: 30590 Web应用漏洞扫描工具WebInspect扫描操作




NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 30590 Web Application Vulnerability Scanner WebInspect Scan Operation

发布时间:2013-02-01 18:32:42
名称: eoi.unify.rulepatch.5.6.7.295.rule 版本:5.6.7.295
MD5:f88a08f7935429c956303124997d3a47 大小:9.90M
描述:


绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。

规则新增或更新列表:
新增: 22625 MoinMoin action/twikidraw.py和action/anywikidraw.py任意代码执行漏洞
新增: 30586 BigAnt IM Server SHU请求SQL注入漏洞


NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 22625 MoinMoin action/twikidraw.py action/anywikidraw.py Remote Code Execution Vulnerability
Added: 30586 BigAnt IM Server SHU request SQL injection vulnerability

发布时间:2013-01-25 18:29:55
名称: eoi.unify.rulepatch.5.6.7.294.rule 版本:5.6.7.294
MD5:add96ce1168919b4f1664fe22fe8c2bd 大小:9.79M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。

规则新增或更新列表:
新增: 22616 Symantec Messaging Gateway任意文件下载漏洞
新增: 22617 Foswiki MAKETEXT远程命令执行漏洞
新增: 22619 WordPress Asset-Manager PHP 文件上传漏洞
新增: 22620 WordPress WP-Property PHP 文件上传漏洞



NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.

List of added or modified signatures:
Added: 22616 Symantec Messaging Gateway 9.5 Log File Download Vulnerability
Added: 22617 Foswiki MAKETEXT Remote Command Execution
Added: 22619 WordPress Asset-Manager PHP File Upload Vulnerability
Added: 22620 WordPress WP-Property PHP File Upload Vulnerability

发布时间:2013-01-17 18:03:45
名称: eoi.unify.rulepatch.5.6.7.293.rule 版本:5.6.7.293
MD5:379db7aca76eb638cb4c31eaea513c7e 大小:9.78M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:

新增: 22621 Oracle Java 7 JmxMBeanServer类远程代码执行漏洞



NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:

New: 22621 Oracle Java 7 JmxMBeanServer Remote Code Execution

发布时间:2013-01-12 15:05:12
名称: eoi.unify.rulepatch.5.6.7.292.rule 版本:5.6.7.292
MD5:ca96efc6ed68960521681225886b737c 大小:9.76M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:

新增: 22618 CVE-2013-0010 System Center Operations Manager Web Console XSS漏洞(MS13-003)
新增: 10337 CVE-2013-0005 Open Data Protocol Replace拒绝服务漏洞(MS13-007)
新增: 20612 TrackerCam PHP参数远程缓冲区溢出攻击
新增: 20613 SGI IRIX lpsched远程命令执行攻击
修改: 50140 PPTV网络电视流媒体播放(TCP)
修改: 50193 PPTV网络电视流媒体播放(UDP)
修改: 50158 Telnet服务IAC选项炸弹攻击

NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:

New: 22618 CVE-2013-0010 System Center Operations Manager Web Console XSS Vulnerability(MS13-003)
New: 10337 CVE-2013-0005 Open Data Protocol Replace Denial of Service Vulnerability(MS13-007)
New: 20612 TrackerCam PHP Parameter Remote Buffer Overflow
New: 20613 SGI IRIX lpsched Remote Command Execution
Modify: 50140 PPTV Network TV Streaming Media Playing (TCP)
Modify: 50193 PPTV Network TV Streaming Media Playing (UDP)
Modify: 50158 Telnet Service IAC Option Bomb

发布时间:2013-01-10 16:54:50
名称: eoi.unify.rulepatch.5.6.7.291.rule 版本:5.6.7.291
MD5:9cff605f2dff0dca57720f47e8741265 大小:10.19M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:

新增: 22609 Microsoft IE mshtml!CDwnBindInfo对象释放后重用代码执行漏洞
新增: 22607 PHPCMS V9版poster_click函数SQL注入漏洞


NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported engine will automatically restart.
List of added or modified signatures:

New: 22609 Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerability
New: 22607 PHPCMS V9 poster_click function SQL injection vulnerability

发布时间:2012-12-31 14:10:55
名称: eoi.unify.rulepatch.5.6.7.290.rule 版本:5.6.7.290
MD5:bd175d838f93501d570608c2d7b36214 大小:10.17M
描述:

绿盟科技NIDS/NIPS产品规则升级包,本升级包依赖引擎升级包5.6.7.62,升级包导入后引擎会自动重启。
规则新增或更新列表:

新增: 22602 Nagios XI 网络监控器Graph Explorer组件命令注入漏洞
新增: 22603 Splunk 5.0 用户自定义程序远程执行漏洞
新增: 22606 WordPress 多个CMSMasters主题'upload.php'任意文件上传漏洞

NSFocus NIDS/NIPS product signature update package, depends on engine v5.6.7.62.After upgrade package is imported,engine will automatically restart.
List of added or modified signatures:

New: 22602 Nagios XI Network Monitor Graph Explorer Component Command Injection
New: 22603 Splunk 5.0 Custom App Remote Code Execution
New: 22606 Clockstone and other CMSMasters Theme File Upload Vulnerabilities

发布时间:2012-12-27 17:31:42
名称: eoi.unify.rulepatch.5.6.7.289.rule 版本:5.6.7.289
MD5:96ce19cf17248f6a52555be275f22dca 大小:6.40M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

新增: 22599 OracleMySQL/MariaDB acl_get()和check_grant_db_routine()函数缓冲区溢出漏洞
新增: 22600 HP Data Protector DtbClsLogin缓冲区溢出漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:

New: 22599 OracleMySQL/MariaDB acl_get() and check_grant_db_routine() function buffer overflow vulnerability
New: 22600 HP Data Protector DtbClsLogin Buffer Overflow

发布时间:2012-12-20 15:44:22
名称: eoi.unify.rulepatch.5.6.7.288.rule 版本:5.6.7.288
MD5:64fdbfbd3641d73981d5802e8f3a00f4 大小:6.46M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

新增: 22593 CVE-2012-1537 Microsoft DirectPlay堆溢出漏洞(MS12-082)
新增: 22594 CVE-2012-2539 Microsoft Word RTF 'listoverridecount'远程代码执行漏洞(MS12-079)
新增: 22595 CVE-2012-2556 Microsoft OpenType字体解析漏洞(MS12-078)
新增: 22596 CVE-2012-4774 Microsoft Windows文件名解析漏洞(MS12-081)
新增: 22597 CVE-2012-4786 Microsoft TrueType字体解析漏洞(MS12-078)
新增: 22598 CVE-2012-4787 Microsoft Internet Explorer Improper Ref Counting释放后重用漏洞(MS12-077)




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:

New: 22593 CVE-2012-1537 Microsoft DirectPlay Heap Overflow Vulnerability(MS12-082)
New: 22594 CVE-2012-2539 Microsoft Word RTF 'listoverridecount' Remote Code Execution Vulnerability(MS12-079)
New: 22595 CVE-2012-2556 Microsoft OpenType Font Parsing Vulnerability(MS12-078)
New: 22596 CVE-2012-4774 Microsoft Windows Filename Parsing Vulnerability(MS12-081)
New: 22597 CVE-2012-4786 Microsoft TrueType Font Parsing Vulnerability(MS12-078)
New: 22598 CVE-2012-4787 Microsoft Internet Explorer Improper Ref Counting Use After Free Vulnerability(MS12-077)

发布时间:2012-12-11 16:17:08
名称: eoi.unify.rulepatch.5.6.7.287.rule 版本:5.6.7.287
MD5:10386772e5ad709ede163ebfb636719a 大小:6.46M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

新增: 22588 Samsung打印机固件管理账号后门




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:

New: 22588 Samsung printer firmware management account backdoor

发布时间:2012-12-06 17:08:59
名称: eoi.unify.rulepatch.5.6.7.286.rule 版本:5.6.7.286
MD5:e1a4c90229b19477955ce6c9885aa094 大小:6.51M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

新增: 22532 WordPress plugin Foxypress uploadify.php任意代码执行漏洞
新增: 22529 Bitweaver多个跨站脚本执行和本地文件包含漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:

New: 22532 WordPress plugin Foxypress uploadify.php Arbitrary Code Execution Vulnerability
New: 22529 Bitweaver multiple Cross Site Scripting and Local File Inclusion Vulnerability

发布时间:2012-11-29 15:17:30
名称: eoi.unify.rulepatch.5.6.7.285.rule 版本:5.6.7.285
MD5:df7625d99ec85e1c09a497fa41accb50 大小:6.47M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

新增: 22504 Oracle Network Authentication组件远程代码执行漏洞
新增: 22506 Invision Power Board le 3.3.4 unserialize() PHP代码执行漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:

New: 22504 Oracle Network Authentication Component Remote Code Execution Vulnerability
New: 22506 Invision Power Board le 3.3.4 unserialize () PHP Code Execution Vulnerability

发布时间:2012-11-22 16:50:21
名称: eoi.unify.rulepatch.5.6.7.284.rule 版本:5.6.7.284
MD5:71db4d5acdba11f2331ce3a51c8fefdd 大小:6.46M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

新增: 22507 CVE-2012-1538 Microsoft Internet Explorer CFormElement释放后重用漏洞(MS12-071)
新增: 22508 CVE-2012-1539 Microsoft Internet Explorer CTreePos释放后重用漏洞(MS12-071)
新增: 22509 CVE-2012-1885 Microsoft Excel SerAuxErrBar堆溢出漏洞(MS12-076)
新增: 22510 CVE-2012-1886 Microsoft Excel内存破坏漏洞(MS12-076)
新增: 22511 CVE-2012-1887 Microsoft Excel SST Invalid Length释放后重用漏洞(MS12-076)
新增: 22512 CVE-2012-2543 Microsoft Excel栈溢出漏洞(MS12-076)
新增: 22513 CVE-2012-2897 Microsoft Windows字体解析漏洞(MS12-075)
新增: 22514 CVE-2012-4775 Microsoft Internet Explorer CTreeNode释放后重用漏洞(MS12-071)




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:

New: 22507 CVE-2012-1538 Microsoft Internet Explorer CFormElement Use After Free Vulnerability(MS12-071)
New: 22508 CVE-2012-1539 Microsoft Internet Explorer CTreePos Use After Free Vulnerability(MS12-071)
New: 22509 CVE-2012-1885 Microsoft Excel SerAuxErrBar Heap Overflow Vulnerability(MS12-076)
New: 22510 CVE-2012-1886 Microsoft Excel Memory Corruption Vulnerability(MS12-076)
New: 22511 CVE-2012-1887 Microsoft Excel SST Invalid Length Use After Free Vulnerability(MS12-076)
New: 22512 CVE-2012-2543 Microsoft Excel Stack Overflow Vulnerability(MS12-076)
New: 22513 CVE-2012-2897 Microsoft Windows Font Parsing Vulnerability(MS12-075)
New: 22514 CVE-2012-4775 Microsoft Internet Explorer CTreeNode Use After Free Vulnerability(MS12-071)

发布时间:2012-11-14 15:46:48
名称: eoi.unify.rulepatch.5.6.7.282.rule 版本:5.6.7.282
MD5:7352b19ef0d22b61c1c8d6bcd751fdf2 大小:6.19M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

新增: 30582 H3C及Huawei SNMP访问控制信息泄露漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:

New: 30582 HP/H3C and Huawei SNMP Weak Access to Critical Data

发布时间:2012-11-08 17:30:13
名称: eoi.unify.rulepatch.5.6.7.281.rule 版本:5.6.7.281
MD5:a035644a30a2cda6dfb7a3ec51d4819b 大小:6.11M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

新增: 22487 Oracle Database身份验证协议离线口令破解漏洞
修改: 30580 Shopex Cookie选项SQL注入漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above. .Signature Set Update:

New: 22487 Oracle Database Authentication ProtocolSecurity Bypass Vulnerability
Modify: 30580 Shopex Cookie Option SQL Injection Vulnerability

发布时间:2012-11-01 17:05:11
名称: eoi.unify.rulepatch.5.6.7.280.rule 版本:5.6.7.280
MD5:f66ee0c7be85696c9b46697a5bdccf14 大小:6.11M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。规则更新列表如下:

修改: 30580 Shopex Cookie选项SQL注入漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Signature Set Update:

Modify: 30580 Shopex Cookie Option SQL Injection Vulnerability

发布时间:2012-10-26 19:35:30
名称: eoi.unify.rulepatch.5.6.7.279.rule 版本:5.6.7.279
MD5:b185923fef443d8e3af20bc2fe124223 大小:6.06M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

增加英文版本帮助文档



NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

increase the help document of English version

发布时间:2012-10-26 10:16:14
名称: eoi.unify.rulepatch.5.6.7.278.rule 版本:5.6.7.278
MD5:7388036129cf108d7e5216d785a46057 大小:5.88M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 22482 InduSoft Web Studio 任意上传远程代码执行漏洞
新增: 22483 Avaya WinPMD UniteHostRouter 缓冲区溢出漏洞
新增: 22485 QNX QCONN 远程命令执行漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

New: 22482 InduSoft Web Studio Arbitrary Upload Remote Code Execution
New: 22483 Avaya WinPMD UniteHostRouter Buffer Overflow
New: 22485 QNX QCONN Remote Command Execution Vulnerability

发布时间:2012-10-25 15:07:29
名称: eoi.unify.rulepatch.5.6.7.277.rule 版本:5.6.7.277
MD5:a09f9f8356fc54ee7bb715bd291c3199 大小:5.72M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 30579 Indusoft WebStudio NTWebServer 远程文件存取
新增: 22480 Auxilium RateMyPet 任意文件上传漏洞
新增: 22477 CVE-2012-2552 Microsoft SQL Server Report Manager CVE-2012-2552 跨站脚本攻击漏洞(MS12-070)
新增: 22481 Firefox 7/8 (8.0.1) nsSVGValue Out-of-Bounds 存取漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

New: 30579 Indusoft WebStudio NTWebServer Remote File Access
New: 22480 Auxilium RateMyPet Arbitrary File Upload Vulnerability
New: 22477 CVE-2012-2552 Microsoft SQL Server Report Manager CVE-2012-2552 Cross Site Scripting Vulnerability(MS12-070)
New: 22481 Firefox 7/8 (8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability

发布时间:2012-10-18 16:10:40
名称: eoi.unify.rulepatch.5.6.7.276.rule 版本:5.6.7.276
MD5:6623cee1805acac054fad8c81d687efc 大小:5.72M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 22470 phpMyAdmin server_sync.php 远程后门漏洞
新增: 22471 qdPM v7 任意PHP文件上传漏洞
新增: 22472 Oracle Business Transaction Management FlashTunnelService 远程代码执行漏洞
新增: 22473 Adobe RoboHelp Server 8 任意文件上传执行
新增: 22474 Avid Media Composer 5.5 - Avid Phonetic Indexer 缓冲区溢出漏洞
新增: 22475 Energizer DUO Trojan 代码执行
新增: 22476 FileWrangler 5.30 缓冲区溢出漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

New: 22470 phpMyAdmin server_sync.php remote backdoor vulnerability
New: 22471 qdPM v7 Arbitrary PHP File Upload Vulnerability
New: 22472 Oracle Business Transaction Management FlashTunnelService Remote Code Execution
New: 22473 Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
New: 22474 Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow
New: 22475 Energizer DUO Trojan Code Execution
New: 22476 FileWrangler 5.30 Stack Buffer Overflow

发布时间:2012-10-11 12:22:15
名称: eoi.unify.rulepatch.5.6.7.275.rule 版本:5.6.7.275
MD5:2ed5cb3690c8fd0fbebc8bb52a82c14a 大小:5.72M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 22466 Microsoft IE OnMove释放后重用远程代码执行漏洞
新增: 22467 Microsoft IE事件监听器释放后重用远程代码执行漏洞
新增: 22468 Microsoft IE布局释放后重用远程代码执行漏洞
新增: 22469 Microsoft IE cloneNode释放后重用远程代码执行漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

New: 22466 Microsoft Internet Explorer 8 and 9 OnMove Use After Free Remote Code Execution Vulnerability
New: 22467 Microsoft Internet Explorer 8 and 9 Event Listener Use After Free Remote Code Execution Vulnerability
New: 22468 Microsoft Internet Explorer 8 and 9 Layout Use After Free Remote Code Execution Vulnerability
New: 22469 Microsoft Internet Explorer 8 and 9 cloneNode Use After Free Remote Code Execution Vulnerability

发布时间:2012-10-04 08:41:20
名称: eoi.unify.rulepatch.5.6.7.274.rule 版本:5.6.7.274
MD5:dece6ba82475c89fd3af7e056aad6dc8 大小:5.72M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 22470 phpMyAdmin server_sync.php 远程后门漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

New: 22470 phpMyAdmin server_sync.php remote backdoor vulnerability

发布时间:2012-09-26 18:55:08
名称: eoi.unify.rulepatch.5.6.7.271.rule 版本:5.6.7.271
MD5:38094100e8e5503ce7eb3bef3e76d5c4 大小:5.71M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 22463 Microsoft IE 6/7/8/9 execCommand函数远程代码执行漏洞




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

New: 22463 Microsoft IE 6/7/8/9 execCommand function Remote Execution

发布时间:2012-09-18 17:57:06
名称: eoi.unify.rulepatch.5.6.7.269.rule 版本:5.6.7.269
MD5:390dc24add970a52633b4ba362bc0683 大小:5.36M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 22452 CVE-2012-2536 Microsoft System Center Configuration Manager反射型跨站脚本漏洞(MS12-062)
新增: 22453 CVE-2012-1892 Microsoft Visual Studio Team Foundation Server跨站脚本漏洞(MS12-061)




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

New: 22452 CVE-2012-2536 Microsoft System Center Configuration Manager Reflected XSS Vulnerability(MS12-062)
New: 22453 CVE-2012-1892 Microsoft Visual Studio Team Foundation Server XSS Vulnerability(MS12-061)

发布时间:2012-09-12 14:58:49
名称: eoi.unify.rulepatch.5.6.7.267.rule 版本:5.6.7.267
MD5:ab80a71051a2cd6586b12c2a05cbd16b 大小:5.36M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 50460 远程控制工具TeamViewer连接
新增: 22401 MODBUS TCP-强制监听模式
新增: 22402 MODBUS TCP-功能代码扫描
新增: 22403 MODBUS TCP-点列表扫描
新增: 22404 MODBUS TCP-应答异常代码延迟
新增: 22405 HTTP蠕虫熊猫烧香下载恶意代码




NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.Import rules upgrade package need to import 5.6.7.39 engine upgrade package,Signature Set Update:

New: 50460 Remote Control Tool TeamViewer Connection
New: 22401 Modbus TCP Force Listen Only Mode
New: 22402 Modbus TCP Function Code Scan
New: 22403 Modbus TCP Points List Scan
New: 22404 Modbus TCP Acknowledge Exception Code Delay
New: 22405 HTTP Worm Panda Burn Incense download malicious code

发布时间:2012-09-06 17:44:53
名称: eoi.unify.rulepatch.5.6.7.266.rule 版本:5.6.7.266
MD5:ea1bdca5ea4940078b59c73d62ca488a 大小:5.36M
描述:

绿盟NIDS/NIPS规则升级文件,适用于v5.6.7.39及以上版本。导入规则升级包之前需要导入5.6.7.39的引擎升级包,规则更新列表如下:

新增: 22431 Java 7 Applet远程代码执行漏洞
新增: 22432 Apache Struts2 Skill名称远程代码执行漏洞
新增: 50459 DNS隧道攻击工具NSTX连接



NsFocus NIDS/NIPS rules upgrade file,apply to v5.6.7.39 and above.5.6.7.39 engine upgrade package needs to be imported before importing rules upgrade package,Signature Set Update:

New: 22431 Java 7 Applet Remote Code Execution Vulnerability
New: 22432 Apache Struts2 Skill Name Remote Code Execution Vulnerability
New: 50459 DNS tunnel attack tool NSTX connect

发布时间:2012-08-28 18:30:40
名称: eoi.unify.rulepatch.5.6.7.265.rule 版本:5.6.7.265
MD5:81fa54fcd576f205be93b33301c251e6 大小:5.34M
描述:

新增: 22416 Symantec Web Gateway 5.0.2.18 pbcontrol.php代码注入漏洞
新增: 22417 Zenoss 3 showDaemonXMLConfig代码执行漏洞
新增: 22418 CuteFlow v2.11.2任意文件上传漏洞
新增: 22419 WebPageTest任意PHP文件上传漏洞
新增: 22420 EGallery PHP文件上传漏洞
新增: 22421 Cisco Linksys PlayerPT ActiveX控件缓冲区溢出漏洞
新增: 22422 Cisco Linksys PlayerPT ActiveX Control SetSource sURL参数缓冲区溢出漏洞
新增: 22423 Dell SonicWALL (Plixer) Scrutinizer 9 SQL注入漏洞
新增: 22424 Simple Web Server Connection Header缓冲区溢出漏洞
新增: 22425 Microsoft Office SharePoint Server 2007远程代码执行漏洞
新增: 22426 Novell ZENworks Configuration Management Preboot Service 0x21缓冲区溢出漏洞
新增: 22427 Novell ZENworks Configuration Management Preboot Service 0x4c缓冲区溢出漏洞
新增: 22428 Novell ZENworks Configuration Management Preboot Service 0x06缓冲区溢出漏洞
新增: 22429 Novell ZENworks Configuration Management Preboot Service 0x6c缓冲区溢出漏洞
新增: 22353 Citect SCADA ODBC服务器远程栈溢出漏洞
新增: 22354 RealWin SCADA服务器远程栈溢出漏洞
新增: 22355 Winlog Pro畸形报文栈缓冲区溢出漏洞
新增: 22356 WonderWare SuiteLink slssvc.exe远程拒绝服务漏洞
新增: 22357 ClearSCADA堆溢出漏洞
新增: 22358 Invensys Wonderware InBatch lm_tcp服务缓冲区溢出漏洞
新增: 22359 Ecava IntegraXor目录遍历漏洞
新增: 22360 RealWin特制报文处理多个栈溢出漏洞
新增: 22361 Intellicom HMS HICP协议Hostname字段缓冲区溢出漏洞
新增: 22362 WellinTech KingView HistorySvr.exe堆缓冲区溢出漏洞
新增: 22363 NetBiter webSCADA目录遍历漏洞
新增: 22364 VxWorks信息泄露漏洞
新增: 22365 Automated Solutions Modbus/TCP Master OPC Server堆缓冲区溢出漏洞
新增: 22366 IGSS SCADA系统目录遍历和下载漏洞
新增: 22367 IGSS SCADA系统目录遍历上传和覆盖漏洞
新增: 22368 IGSS SCADA ListAll Function缓冲区溢出漏洞
新增: 22369 IGSS SCADA Write File Function缓冲区溢出漏洞
新增: 22370 IGSS SCADA ReadFile Function缓冲区溢出漏洞
新增: 22371 IGSS SCADA Delete Function缓冲区溢出漏洞
新增: 22372 IGSS SCADA RenameFile Function缓冲区溢出漏洞
新增: 22374 IGSS SCADA FileInfo Function缓冲区溢出漏洞
新增: 22375 IGSS SCADA RMS Report Add Command缓冲区溢出漏洞
新增: 22376 IGSS SCADA RMS Report Template ReadFile Command缓冲区溢出漏洞
新增: 22377 IGSS SCADA RMS Report Template WriteFile Command缓冲区溢出漏洞
新增: 22378 IGSS SCADA RMS Report Template Rename Command缓冲区溢出漏洞
新增: 22379 IGSS SCADA RMS Report Template Delete Command缓冲区溢出漏洞
新增: 22380 IGSS SCADA STDREP Request缓冲区溢出漏洞
新增: 22382 RealFlex RealWin SCADA SCPC_TXTEVENT strcpy()缓冲区溢出漏洞
新增: 22381 IGSS SCADA dc.exe Server目录遍历任意文件执行漏洞
新增: 22384 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CADDTAG缓冲区溢出漏洞
新增: 22385 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CDELTAG缓冲区溢出漏洞
新增: 22386 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_ADDTAGMS缓冲区溢出漏洞
新增: 22387 RealFlex RealWin SCADA On_FC_RFUSER_FCS_LOGIN缓冲区溢出漏洞
新增: 22388 RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE缓冲区溢出漏洞
新增: 22389 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGBROADCAST缓冲区溢出漏洞
新增: 22390 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGSEND缓冲区溢出漏洞
新增: 22392 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY缓冲区溢出漏洞
新增: 22391 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETTELEMETRY缓冲区溢出漏洞
新增: 22393 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETTELEMETRY缓冲区溢出漏洞
新增: 22394 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY缓冲区溢出漏洞
新增: 22395 RealFlex RealWin SCADA On_FC_SCRIPT_FCS_STARTPROG缓冲区溢出漏洞
新增: 22396 Iconics Genesis SCADA释放未初始化的内存触发选项漏洞
新增: 22397 Iconics Genesis SCADA整数溢出漏洞
新增: 22398 Siemens Tecnomatix FactoryLink CSService CSMSG filter缓冲区溢出漏洞
新增: 22399 Siemens Tecnomatix FactoryLink CSService GetFile path缓冲区溢出漏洞
新增: 22400 Siemens Tecnomatix FactoryLink CSService GetFileInfo path缓冲区溢出漏洞
新增: 22383 RealFlex RealWin SCADA On_FC_CONNECT_FCS_LOGIN缓冲区溢出漏洞

New: 22416 Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection Vulnerability
New: 22417 Zenoss 3 showDaemonXMLConfig Command Execution Vulnerability
New: 22418 CuteFlow v2.11.2 Arbitrary File Upload Vulnerability
New: 22419 WebPageTest Arbitrary PHP File Upload Vulnerability
New: 22420 EGallery PHP File Upload Vulnerability
New: 22421 Cisco Linksys PlayerPT ActiveX Control Buffer Overflow Vulnerability
New: 22422 Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow Vulnerability
New: 22423 Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection Vulnerability
New: 22424 Simple Web Server Connection Header Buffer Overflow Vulnerability
New: 22425 Microsoft Office SharePoint Server 2007 Remote Code Execution Vulnerability
New: 22426 Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow Vulnerability
New: 22427 Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow Vulnerability
New: 22428 Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow Vulnerability
New: 22429 Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow Vulnerability
New: 22353 Citect SCADA ODBC Server Remote Stack Overflow Vulnerability Vulnerability
New: 22354 RealWin SCADA Server Remote Stack Overflow Vulnerability Vulnerability
New: 22355 Winlog Pro Malformed Packets Stack Buffer Overflow Vulnerability Vulnerability
New: 22356 WonderWare SuiteLink slssvc.exe Remote Denial of Service Vulnerability Vulnerability
New: 22357 ClearSCADA Heap Overflow Vulnerability Vulnerability
New: 22358 Invensys Wonderware InBatch lm_tcp Service Buffer Overflow Vulnerability Vulnerability
New: 22359 Ecava IntegraXor Directory Traversal Vulnerability Vulnerability
New: 22360 RealWin Specially Crafted Packet Processing Stack Overflow Vulnerability Vulnerability
New: 22361 Intellicom HMS HICP Agreement Hostname Field Buffer Overflow Vulnerability Vulnerability
New: 22362 WellinTech KingView HistorySvr.exe Heap Buffer Overflow Vulnerability Vulnerability
New: 22363 NetBiter webSCADA Directory Traversal Vulnerability Vulnerability
New: 22364 VxWorks Information Disclosure Vulnerability Vulnerability
New: 22365 Automated Solutions Modbus/TCP Master OPC Server Heap Buffer Overflow Vulnerability Vulnerability
New: 22366 IGSS SCADA System Directory Traversal and Download Vulnerability Vulnerability
New: 22367 IGSS SCADA System Directory Traversal Upload and Overwrite Vulnerability Vulnerability
New: 22368 IGSS SCADA ListAll Function Buffer Overflow Vulnerability Vulnerability
New: 22369 IGSS SCADA Write File Function Buffer Overflow Vulnerability Vulnerability
New: 22370 IGSS SCADA ReadFile Function Buffer Overflow Vulnerability Vulnerability
New: 22371 IGSS SCADA Delete Function Buffer Overflow Vulnerability Vulnerability
New: 22372 IGSS SCADA RenameFile Function Buffer Overflow Vulnerability Vulnerability
New: 22374 IGSS SCADA FileInfo Function Buffer Overflow Vulnerability Vulnerability
New: 22375 IGSS SCADA RMS Report Add Command Buffer Overflow Vulnerability Vulnerability
New: 22376 IGSS SCADA RMS Report Template ReadFile Command Buffer Overflow Vulnerability Vulnerability
New: 22377 IGSS SCADA RMS Report Template WriteFile Command Buffer Overflow Vulnerability Vulnerability
New: 22378 IGSS SCADA RMS Report Template Rename Command Buffer Overflow Vulnerability Vulnerability
New: 22379 IGSS SCADA RMS Report Template Delete Command Buffer Overflow Vulnerability Vulnerability
New: 22380 IGSS SCADA STDREP Request Buffer Overflow Vulnerability Vulnerability
New: 22382 RealFlex RealWin SCADA SCPC_TXTEVENT strcpy() Buffer Overflow Vulnerability Vulnerability
New: 22381 IGSS SCADA dc.exe Server Directory Traversal Arbitrary File Execution Vulnerability Vulnerability
New: 22384 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CADDTAG Buffer Overflow Vulnerability Vulnerability
New: 22385 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CDELTAG Buffer Overflow Vulnerability Vulnerability
New: 22386 RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_ADDTAGMS Buffer Overflow Vulnerability Vulnerability
New: 22387 RealFlex RealWin SCADA On_FC_RFUSER_FCS_LOGIN Buffer Overflow Vulnerability Vulnerability
New: 22388 RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE Buffer Overflow Vulnerability Vulnerability
New: 22389 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGBROADCAST Buffer Overflow Vulnerability Vulnerability
New: 22390 RealFlex RealWin SCADA On_FC_MISC_FCS_MSGSEND Buffer Overflow Vulnerability Vulnerability
New: 22392 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY Buffer Overflow Vulnerability Vulnerability
New: 22391 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_GETTELEMETRY Buffer Overflow Vulnerability Vulnerability
New: 22393 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETTELEMETRY Buffer Overflow Vulnerability Vulnerability
New: 22394 RealFlex RealWin SCADA On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY Buffer Overflow Vulnerability Vulnerability
New: 22395 RealFlex RealWin SCADA On_FC_SCRIPT_FCS_STARTPROG Buffer Overflow Vulnerability Vulnerability
New: 22396 Iconics Genesis SCADA Freeing of Unitialized Memory Trigger Option Vulnerability Vulnerability
New: 22397 Iconics Genesis SCADA Integer Overflow Vulnerability Vulnerability
New: 22398 Siemens Tecnomatix FactoryLink CSService CSMSG filter Buffer Overflow Vulnerability Vulnerability
New: 22399 Siemens Tecnomatix FactoryLink CSService GetFile path Buffer Overflow Vulnerability Vulnerability
New: 22400 Siemens Tecnomatix FactoryLink CSService GetFileInfo path Buffer Overflow Vulnerability Vulnerability
New: 22383 RealFlex RealWin SCADA On_FC_CONNECT_FCS_LOGIN Buffer Overflow Vulnerability Vulnerability

发布时间:2012-08-23 18:38:58
名称: eoi.unify.rulepatch.5.6.7.264.rule 版本:5.6.7.264
MD5:93539012e6daebd5f8a0b8eb696b2243 大小:5.33M
描述:

新增: 22343 CVE-2012-1526 Microsoft Internet Explorer Layout内存破坏漏洞(MS12-052)
新增: 22344 CVE-2012-1850 Windows Networking Components远程管理协议拒绝服务漏洞(MS12-054)
新增: 22345 CVE-2012-1851 Windows Networking Components Print Spooler服务格式化串漏洞(MS12-054)
新增: 22346 CVE-2012-1852 Windows Networking Components远程管理协议堆溢出漏洞(MS12-054)
新增: 22347 CVE-2012-1853 Windows Networking Components远程管理协议栈溢出漏洞(MS12-054)
新增: 22348 CVE-2012-2521 Microsoft Internet Explorer Asynchronous NULL Object Access远程代码执行漏洞(MS12-052)
新增: 22349 CVE-2012-2522 Microsoft Internet Explorer Virtual Function Table Corruption远程代码执行漏洞(MS12-052)
新增: 22350 CVE-2012-2523 Microsoft Internet Explorer JavaScript 整数溢出远程代码执行漏洞(MS12-052)
新增: 22351 CVE-2012-2526 Microsoft远程桌面协议漏洞(MS12-053)
新增: 22352 CVE-2012-1889 MSXML未初始化内存破坏漏洞(MS12-043)
新增: 30577 pcAnywhere登录扫描
新增: 22329 S40 0.4.2 CMS目录遍历漏洞
新增: 22330 Log1 CMS writeInfo() PHP代码注入漏洞
新增: 22331 PHP Volunteer Management System v1.0.2任意文件上传漏洞
新增: 22332 Apache Struts远程命令执行漏洞
新增: 22333 GIMP script-fu Server缓冲区溢出漏洞
新增: 22334 Symantec Web Gateway 5.0.2.8 relfile文件包含漏洞
新增: 22335 WeBid converter.php远程PHP代码注入漏洞
新增: 22336 appRain CMF Arbitrary PHP文件上传漏洞
新增: 22337 Lattice Semiconductor ispVM System XCF文件处理泄露漏洞
新增: 22338 MPlayer SAMI Subtitle文件缓冲区溢出漏洞
新增: 22339 OpenOffice OLE Importer DocumentSummaryInformation Stream处理溢出漏洞
新增: 22340 QuickShare File Server 1.2.1目录遍历漏洞
新增: 22341 RabidHamster R4 Log Entry sprintf()缓冲区溢出漏洞




New: 22343 CVE-2012-1526 Microsoft Internet Explorer Layout Memory Corruption Vulnerability(MS12-052)
New: 22344 CVE-2012-1850 Windows Networking Components Remote Administration Protocol Denial of Service Vulnerability(MS12-054)
New: 22345 CVE-2012-1851 Windows Networking Components Print Spooler Service Format String Vulnerability(MS12-054)
New: 22346 CVE-2012-1852 Windows Networking Components Remote Administration Protocol Heap Overflow Vulnerability(MS12-054)
New: 22347 CVE-2012-1853 Windows Networking Components Remote Administration Protocol Stack Overflow Vulnerability(MS12-054)
New: 22348 CVE-2012-2521 Microsoft Internet Explorer Asynchronous NULL Object Access Remote Code Execution Vulnerability(MS12-052)
New: 22349 CVE-2012-2522 Microsoft Internet Explorer Virtual Function Table Corruption Remote Code Execution Vulnerability(MS12-052)
New: 22350 CVE-2012-2523 Microsoft Internet Explorer JavaScript Integer Overflow Remote Code Execution Vulnerability(MS12-052)
New: 22351 CVE-2012-2526 Microsoft Remote Desktop Protocol Vulnerability(MS12-053)
New: 22352 CVE-2012-1889 MSXML Uninitialized Memory Corruption Vulnerability(MS12-043)
New: 30577 pcAnywhere Login Scanner
New: 22329 S40 0.4.2 CMS Directory Traversal Vulnerability
New: 22330 Log1 CMS writeInfo() PHP Code Injection Vulnerability
New: 22331 PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability
New: 22332 Apache Struts Remote Command Execution Vulnerability
New: 22333 GIMP script-fu Server Buffer Overflow Vulnerability
New: 22334 Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability
New: 22335 WeBid converter.php Remote PHP Code Injection Vulnerability
New: 22336 appRain CMF Arbitrary PHP File Upload Vulnerability
New: 22337 Lattice Semiconductor ispVM System XCF File Handling Overflow Vulnerability
New: 22338 MPlayer SAMI Subtitle File Buffer Overflow Vulnerability
New: 22339 OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow Vulnerability
New: 22340 QuickShare File Server 1.2.1 Directory Traversal Vulnerability
New: 22341 RabidHamster R4 Log Entry sprintf() Buffer Overflow Vulnerability

发布时间:2012-08-17 19:54:48
按访问者
政府
运营商
金融
能源
合作伙伴
新闻媒体
求职者
关于我们
公司概况
工作机会
大事记
部分客户
公司荣誉
诚聘英才
常用链接
产品综述
检测防御类产品
安全评估类产品
安全监管类产品
技术解决方案
业务解决方案
各项资质
相关网站
售后服务
软件升级
绿盟客户自助门户系统