New Filters:

44688: HTTP: QQ Application Download
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects QQ application download.
  - Deployment: Not enabled by default in any deployment.
  - Classification: Security Policy - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: August 27, 2024

44690: TLS: QQ Server Access
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects QQ server access.
  - Deployment: Not enabled by default in any deployment.
  - Classification: Security Policy - Other
  - Protocol: SSL/TLS
  - Platform: Multi-Platform Server Application or Service
  - Release Date: August 27, 2024

44691: HTTP: VMate Application Download
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Low
  - Description: This filter detects VMate application download.
  - Deployment: Not enabled by default in any deployment.
  - Classification: Security Policy - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: August 27, 2024

44701: ZDI-CAN-24634: Zero Day Initiative Vulnerability (Progress Software WhatsUp Gold)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Progress Software WhatsUp Gold.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: August 27, 2024

44702: ZDI-CAN-24638,24644,24647: Zero Day Initiative Vulnerability (Progress Software WhatsUp Gold)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Progress Software WhatsUp Gold.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: August 27, 2024

44704: HTTP: Oracle WebLogic Server Directory Traversal Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Oracle WebLogic Server.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2022-21306 CVSS 9.8
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: August 27, 2024

44705: ZDI-CAN-24585: Zero Day Initiative Vulnerability (Trend Micro Deep Discovery Inspector)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro Deep Discovery Inspector.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: August 27, 2024

44706: ZDI-CAN-24584: Zero Day Initiative Vulnerability (Trend Micro Deep Discovery Inspector)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro Deep Discovery Inspector.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: August 27, 2024

Modified Filters (logic changes):
* = Enabled in Default deployments

* 36960: HTTP: rConfig ajaxArchiveFiles.php Command Injection Vulnerability
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Detection logic updated.
  - Release Date: January 28, 2020
  - Last Modified Date: August 27, 2024

39315: HTTP: Microsoft Excel XLS File Parsing Use-After-Free Vulnerability (ZDI-21-669)
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Name changed from "39315: ZDI-CAN-13281: Zero Day Initiative Vulnerability (Microsoft Excel)".
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: March 30, 2021
  - Last Modified Date: August 27, 2024

39406: HTTP: Microsoft SharePoint WorkflowCompilerInternal Code Execution Vulnerability (ZDI-21-755)
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Name changed from "39406: ZDI-CAN-13349: Zero Day Initiative Vulnerability (Microsoft SharePoint)".
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: April 06, 2021
  - Last Modified Date: August 27, 2024

Modified Filters (metadata changes only):
* = Enabled in Default deployments

13855: TCP: XML External Entity (XXE) Usage
  - IPS Version: 1.0.0 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 28, 2014
  - Last Modified Date: August 27, 2024

* 35638: HTTP: Webmin Command Execution Vulnerability
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Description updated.
  - Release Date: July 09, 2019
  - Last Modified Date: August 27, 2024

38826: HTTP: SAP Solution Manager uploadResource SOAP Request (ATT&CK T1105, T1570)
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Vulnerability references updated.
  - Release Date: February 02, 2021
  - Last Modified Date: August 27, 2024

38936: HTTP: Microsoft Paint 3D GLB File Parsing Out-Of-Bounds Read Vulnerability (ZDI-21-667)
  - IPS Version: 3.6.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Name changed from "38936: ZDI-CAN-12873: Zero Day Initiative Vulnerability (Microsoft Windows Paint 3D)".
  - Description updated.
  - Vulnerability references updated.
  - Deployments updated and are now:
    - Deployment: Security-Optimized (Block / Notify)
  - Release Date: February 23, 2021
  - Last Modified Date: August 27, 2024

44078: HTTP: Samsung MagicInfo Server Directory Traversal Vulnerability (ZDI-24-1128)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44078: ZDI-CAN-23326: Zero Day Initiative Vulnerability (Samsung MagicInfo Server)".
  - Severity changed from "High" to "Critical".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: April 09, 2024
  - Last Modified Date: August 27, 2024

Removed Filters: None