Summary
Digital Vaccine #9138 (CONT) July 17, 2018
Details
Modified Filters (metadata changes only): * = Enabled in Default deployments 16240: HTTP: McAfee ePolicy Orchestrator XML External Entity Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16241: HTTPS: McAfee ePolicy Orchestrator XML External Entity Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16244: HTTP: Oracle Java SE GSUB ReqFeatureIndex Buffer Overflow Vulnerability (ZDI-14-013) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16246: RTSP: VideoLAN VLC RTSP Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16247: HTTP: Apache Tomcat NIO Connector Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16249: TLS: OpenSSL do_ssl3_write Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16250: MySQL: Oracle MySQL XPath Denial-of-Service Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16251: HTTPS: Apache Tomcat NIO Connector Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16254: TCP: Data Packets with No ACK Flag - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16268: HTTP: Nagios Remote Plugin Executor Command Execution Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16269: HTTPS: Nagios Remote Plugin Executor Command Execution Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16288: HTTP: Apple CUPS Web Interface URL Handling Cross-Site Scripting Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16289: TCP: HP Data Protector Opcode 27 Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16290: TCP: PostgreSQL SET ROLE Security Bypass Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16294: HTTPS: HP Diagnostics Server magentservice.exe Buffer Overflow Vulnerability (ZDI-12-016) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16295: TCP: PostgreSQL Path Data Type Integer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16296: HTTPS: GnuTLS Server Hello Response Buffer Overflow Vulnerability - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 16299: HTTP: Oracle Java awt_setPixels Information Disclosure Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16302: UDP: Digium Asterisk SIP Session Expiration Header Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16306: RPC: OpenAFS Buffer Overflow Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16310: TLS: OpenSSL Denial-of-Service Vulnerability over SMTP - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 16311: HTTP: FreePBX config.php Command Execution Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16332: UDP: Linux Kernel IPv6-UDP Fragmentation Offload Denial-of-Service Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 16444: HTTP: PHP CDF Infinite Loop Denial-of-Service Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16456: HTTPS: Cisco Security Agent File Upload Vulnerability (ZDI-11-088) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16458: HTTP: Oracle Java Private MethodHandle Sandbox Bypass Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16461: HTTP: Ericom AccessNow Server Buffer Overflow Vulnerability (ZDI-14-160) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16463: DNS: ISC BIND Recursive Nameservers Prefetch Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16464: DNS: ISC BIND EDNS Option Processing Denial-of-Service Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16467: HTTP: Microsoft Internet Explorer Applet Object Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16470: TCP: HylaFAX+ LDAP Authentication User Name Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16476: UDP: OpenSSL DTLS Recursion Denial-of-Service Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 16490: HTTP: Microsoft Internet Explorer ScrollIntoView Use-After-Free Vulnerability (ZDI-15-013) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16505: DNS: PHP php_parserr DNS TXT Record Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16510: HTTP: EFS Easy File Management Web Server UserID Buffer Overflow Vulnerability - IPS Version: 3.1.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16516: HTTP: HP Release ControlAdministrator User Password Reset - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16541: HTTP: D-Link HNAP Request Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16565: HTTP: Symantec Web Gateway dbutils.php SQL Injection Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16567: HTTP: MW6 Technologies MaxiCode ActiveX Control Buffer Overflow Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16584: HTTP: Oracle Java AtomicReferenceFieldUpdater Memory Corruption Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16626: HTTP: Apache HTTP Server mod_proxy_ajp Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16627: TCP: HP Data Protector Backup Multiple Opcodes Communication - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16629: HTTP: Mozilla Firefox SharedWorker MessagePort Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16631: HTTP: Apache HTTP Server mod_status Buffer Overflow Vulnerability (ZDI-14-236) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 16635: TCP: OpenSSL Anonymous ECDH Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 16636: SCTP: Linux Kernel SCTP COOKIE_ECHO Denial-of-Service Vulnerability - IPS Version: 3.2.8 and after. - NGFW Version: Not available. - TPS Version: 4.0.0 and after in IPS Persona mode. - vTPS Version: 4.0.1 and after in IPS Persona mode. - Requires: Only IPS models or TPS in IPS Persona - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16638: SCTP: Linux Kernel SCTP COOKIE_ECHO Denial-of-Service Vulnerability - IPS Version: 3.2.8 and after. - NGFW Version: Not available. - TPS Version: 4.0.0 and after in IPS Persona mode. - vTPS Version: 4.0.1 and after in IPS Persona mode. - Requires: Only IPS models or TPS in IPS Persona - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16645: HTTP: Malicious Java Applet Download - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16647: HTTP: Apache HTTP Server mod_deflate Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16654: HTTP: Libav LZO Integer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16668: SMB: Samba NMDB Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16687: HTTP: Atlassian JIRA Issue Collector Directory Traversal Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16692: HTTP: Apache HTTP Server mod_cache Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16698: HTTP: Cryptographic Locker Ransomware Communication Attempt - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16722: HTTP: Adobe Acrobat/Reader JavaScript Privileged Function Invocation - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16729: UDP: OpenSSL DTLS Handshake Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16741: UDP: OpenSSL DTLS Handshake Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16767: HTTP: Senkas Kolibri Webserver URI Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16792: HTTP: Squid Proxy Range Header Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16806: UDP: Non-Standard Function Declaration - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 16807: TCP: GNU Bash Remote Code Execution Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16831: UDP: OpenSSL DTLS Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 16846: HTTP: Microsoft Word styles Use-After-Free Vulnerability (ZDI-14-350) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16858: HTTP: Microsoft .NET Framework Integer Underflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16871: HTTP: Google Android Browser Same Origin Policy Bypass Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16888: TLS: OpenSSL TLS SRP Buffer Overflow Vulnerability - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 16892: HTTP: Drupal Core SQL Injection Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 16897: HTTP: Microsoft Internet Explorer Document Fragment Use-After-Free Vulnerability (ZDI-15-023) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16936: RFB: LibVNCServer rfbSendNewScaleSize Use-After-Free Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16938: HTTP: PHP Fileinfo Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16942: HTTPS: Mozilla Network Security Services RSA Security Bypass Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16943: FTP: GNU Wget Symbolic Link Arbitrary Write Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 16947: TLS: OpenSSL TLS SRP Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16950: HTTP: Microsoft Word Memory Corruption Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16951: SMB: Microsoft Windows Object Packager Memory Corruption Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 16953: HTTP: Microsoft Word Memory Corruption Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 16999: HTTP: Microsoft Internet Explorer removeNode Use-After-Free Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 17006: HTTP: Microsoft Internet Explorer ActiveX Control Type Confusion Vulnerability (ZDI-15-028) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 17010: HTTP: Sophos Web Appliance Write Command Injection Vulnerability (ZDI-14-069) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 17035: HTTPS: Sophos Web Appliance Write Command Injection Vulnerability (ZDI-14-069) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 17041: HTTP: LibreOffice Impress Remote Control Use-After-Free Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 17049: ICMPv6: FreeBSD rtsold Buffer Overflow Vulnerability - IPS Version: 3.2.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 17056: TLS: OpenSSL Invalid Session Ticket Denial-of-Service Vulnerability (ONLY enable under DoS attack) - IPS Version: 3.1.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 17064: HTTP: Microsys Promotic PmBase64Decode Buffer Overflow (ZDI-15-091) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 17068: HTTPS: Symantec Endpoint Protection Manager Cross-Site Scripting Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 17069: TLS: Microsoft SChannel CertificateVerify Buffer Overflow Vulnerability - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 17071: HTTPS: Symantec Endpoint Protection Manager Cross-Site Scripting Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 17148: POP3: Cyrus IMAP Server popsubfolders USER Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 17158: HTTP: PHP Unserialize Integer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 17166: TCP: OpenSSL DTLS SRTP Extension Parsing Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 17176: HTTP: Microsoft Internet Explorer setActive Use-After-Free Vulnerability (ZDI-15-081) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 17177: ICMPv6: Invalid Message Type - IPS Version: 3.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 17187: TCP: MIT Kerberos Suspicious TGS-REQ Request - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 17199: HTTP: Microsoft ASP.NET DisplayText Cross-Site Scripting Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 17208: TCP: OpenSSL SRTP Extension Parsing - IPS Version: 3.1.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19234: HTTP: Novell eDirectory IMONITOR Cross-Site-Scripting Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19255: HTTP: SAP SQL Anywhere Buffer Overflow Vulnerability (ZDI-14-412,415) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19259: HTTP: Microsoft Internet Explorer TextData Use-After-Free Vulnerability (ZDI-15-128) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19262: HTTP: ActualScripts ActualAnalyzer Cookie Command Injection Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19266: TLS: Microsoft SChannel Client Hello Memory Corruption Vulnerability - IPS Version: 3.1.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 19286: NTP: NTP Configure Command Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19290: HTTP: PTC Arbortext IsoView ActiveX Control Buffer Overflow Vulnerability (ZDI-14-398/399) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19291: HTTP: Vtiger CRM SOAP Code Execution Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19301: HTTP: GitHub Client Command Execution Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19324: HTTP: Microsoft Internet Explorer TextData Use-After-Free Vulnerability (ZDI-15-128) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19329: HTTP: PHP Unserialize Use-After-Free Vulnerability - IPS Version: 3.1.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19331: HTTP: Trihedral VTScada Web Interface Denial-of-Service Vulnerability (ZDI-14-425) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19336: HTTP: Microsoft Internet Explorer frameset Use-After-Free Vulnerability (ZDI-15-130) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19340: SMB: Microsoft Windows Explorer .LNK DLL Planting Code Execution Vulnerability (ZDI-15-086) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19361: UDP: OpenSSL DTLS dtls1_buffer_record Denial-of-Service Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19375: SMTP: Exim SMTP Server Buffer Overflow Vulnerability - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 19379: HTTP: Red Hat Package Manager CPIO Header Buffer Overflow Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19403: HTTP: Microsoft Internet Explorer RegEx Element Use-After-Free Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19408: HTTP: Microsoft Internet Explorer Universal Cross-Site Scripting Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19424: HTTP: McAfee ePolicy Orchestrator XML Entity Injection Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 19435: HTTP: Oracle Java PhantomReference Use-After-Free Vulnerability - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19436: HTTP: TRENDnet SecurView Internet Camera ActiveX Instantiation - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19438: HTTP: PHP exif_read_data NULL Pointer Deference Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19456: HTTP: Samsung SmartViewer STWAxConfig DVRSetupSave Method Usage (ZDI-15-462) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 19498: TCP: OpenSSL ClientHello Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19537: HTTP: Apache Tomcat Chunked Transfer Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19588: HTTP: WordPress .zip File Plugin Upload - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19638: HTTP: Adobe Illustrator EPS File DSC Comment Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19644: SMB: Samba NetrServerPasswordSet Command Usage - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 19666: HTTPS: Symantec Web Gateway OS Command Injection Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19667: HTTP: PHP Unserialize Use-After-Free Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19673: TCP: EMC AutoStart ftAgent Remote Code Execution Vulnerability (ZDI-15-173) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19675: TCP: EMC AutoStart ftAgent Remote Code Execution Vulnerability (ZDI-15-174) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19684: TCP: MIT Kerberos klogind recvauth Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19685: TCP: MIT Kerberos kpropd recvauth Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19686: TCP: MIT Kerberos kshd recvauth Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19687: DNS: glibc gethostbyname_r Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19690: HTTP: Microsoft IIS Integer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19691: HTTP: Microsoft IIS Web Server Information Disclosure Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19704: HTTP: Microsoft Office Memory Corruption Vulnerability (ZDI-15-132) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19707: HTTP: Microsoft Office Memory Corruption Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19721: HTTP: SolarWinds SQL Injection Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19722: HTTP: WebGate WESP SDK WESPDiscovery Buffer Overflow Vulnerability (ZDI-15-057) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19723: HTTP: LANDesk Management Suite AMTVersion Cross-Site Scripting Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19729: HTTP: PHP libzip Integer Overflow Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19731: TCP: OpenSSL ssl3_get_client_key_exchange Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19743: TCP: Fortinet Single Sign On Hello Message Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19778: HTTP: Electric Sheep Fencing pfSense webgui Cross-Site Scripting Multiple Vulnerabilities - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19779: HTTP: Electric Sheep Fencing pfSense webgui Arbitrary File Delete - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19781: HTTP: Info-ZIP UnZip Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19783: HTTP: PHP phar_parse_tarfile Integer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19806: HTTP: Magento Forwarded Parameter Usage - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19839: HTTP: ProFTPD SITE CPFR/CPTO Command Usage - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19840: HTTP: Electric Sheep Fencing pfSense webgui deletefile Directory Traversal Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19842: HTTP: ManageEngine ServiceDesk Plus User Privileges Escalation Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19858: HTTP: Symantec Web Gateway Cross-Site Scripting Vulnerability (ZDI-15-443) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 19862: LDAP: OpenLDAP slapd Deref Overlay Null Pointer Dereference Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19865: HTTP: WordPress Comments Stored Cross-Site Scripting Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19867: HTTP: WordPress Long Comment Submission - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19886: TCP: Diffie-Hellman DHE_EXPORT Weak Cipher Suite Negotiation - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19887: TCP: Diffie-Hellman DHE Weak Cipher Suite Negotiation - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19890: HTTP: Microsoft Internet Explorer CTxtPtr Memory Access Error Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19891: HTTP: ClamAV UPX File Handling Integer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19892: DNS: PowerDNS Multiple Products Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19893: DNS: PowerDNS Multiple Products Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19896: HTTPS: OpenSSL Invalid PSS Parameters Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19897: HTTP: ManageEngine EventLog Analyzer Cross-Site Request Forgery Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 19898: HTTP: ManageEngine EventLog Analyzer User Management Request - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19899: HTTP: ManageEngine EventLog Analyzer User Management Request - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 19902: SSL: HP LoadRunner launcher.dll Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19915: TLS: OpenSSL ClientHello ASN1_TYPE_cmp Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19920: HTTP: Microsoft Office osf.Sandbox Memory Corruption Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19941: HTTPS: OpenSSL Invalid PSS Parameters Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19951: HTTP: HP SiteScope Log Analyzer Information Disclosure Vulnerability (ZDI-15-239) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19970: TCP: Apache Qpid Session.gap Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 19971: TCP: Apache Qpid Sequence Set Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 19980: FTP: PHP ftp_genlist method Buffer Overflow Vulnerability - IPS Version: 3.6.1 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 19982: HTTP: WordPress MailChimp Subscribe Form Plugin Code Injection Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 19993: HTTP: SAP 3D Visual Enterprise Viewer 3DM File Buffer Overflow Vulnerability (ZDI-15-526) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 20001: HTTP: Apple CUPS Web Interface URL Handling Cross-Site Scripting Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 20004: HTTP: Apple Safari Cross-Origin Security Bypass Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 20016: FTP: PHP ftp_genlist method Buffer Overflow Vulnerability - IPS Version: 3.6.1 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 20021: HTTP: WebUI mainfile.php Logon PHP Code Execution Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20022: HTTP: cURL and libcurl Cookie Path Parsing Remote Code Execution Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 20027: HTTP: Apple CUPS Privilege Escalation Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20038: HTTP: Apache HTTP Server mod_log_config Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20039: HTTP: LANDesk Management Suite File Inclusion Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20058: NTP: Network Time Protocol Daemon ctl_putdata Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20156: HTTP: Google Chrome XSSAuditor Policy Bypass Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20157: HTTP: Electric Sheep Fencing pfSense webgui Cross-Site Scripting Multiple Vulnerabilities - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20191: DNS: ISC BIND Suspicious TKEY Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 20348: SMTP: IBM Domino GIF Processing Heap Buffer Overflow Vulnerability (ZDI-15-135) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 20361: HTTP: PHP Multipart Form-Data Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 20418: HTTP: phpFileManager cmd Parameter Command Execution Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 20419: SMTP: IBM Domino BMP Color Palette Buffer Overflow Vulnerability (ZDI-15-194) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 20420: SMTP: IBM Lotus Domino BMP Parsing Integer Overflow Vulnerability (ZDI-15-193) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 20429: HTTP: Oracle Java SE OCSP nextUpdate Replay Attack Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 20432: HTTP: Adobe Flash MP3 ID3 Tag Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 20515: HTTP: Microsoft Internet Explorer Label Element Use-After-Free Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20536: TCP: Dell NetVault Backup Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 20620: SSL: OpenSSL X509_cmp_time Denial of Service - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 20705: SSH: Sysax Multi Server SSH Component Denial-Of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 20716: DNS: ISC BIND DNSSEC Validation Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 20791: HTTP: Novell ZENworks Mobile Management Cross-Site Scripting Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 20792: HTTP: Microsoft Windows VBScript Join Function Use-After-Free Vulnerability (ZDI-15-591) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20800: HTTP: Adobe Flash Oversized MP3 ID3 Frame Header - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 20803: HTTP: OpenEMR Authentication Bypass Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20815: HTTP: Microsoft Windows VBScript Filter Function Use-After-Free Vulnerability(ZDI-15-592,ZDI-18-123) - IPS Version: 1.0.0 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20816: HTTP: Microsoft Windows VBScript InStr/InStrRev Function Use-After-Free Vulnerability (ZDI-15-594) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20817: HTTP: Microsoft Windows VBScript Replace Function Use-After-Free Vulnerability (ZDI-15-595) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20818: HTTP: Microsoft Windows VBScript Split Function Use-After-Free Vulnerability (ZDI-15-596) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 20820: UDP: HID VertX and Edge Discoveryd Command Injection Vulnerability (ZDI-16-223) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Miscellaneous modification. 20897: SMB: Microsoft Windows Media Center MCL Executable File Download - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 20920: SMB: Microsoft Windows Media Center MCL Executable File Upload - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 20927: HTTP: ManageEngine ServiceDesk Directory Traversal Vulnerability (ZDI-15-396) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 20933: HTTP: Endian Firewall Code Execution Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 20986: HTTPS: Endian Firewall Code Execution Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 21154: HTTP: Typo3 CMS sanitizeLocalUrl Cross-Site Scripting Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 21196: HTTP: Oracle Application Testing Suite DownloadServlet Directory Traversal Vulnerability(ZDI-16-036) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 21338: HTTP: Oracle Application Testing Suite Authentication Bypass Vulnerability (ZDI-16-042) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 21436: DNS: ISC BIND openpgpkey_61.c Denial-of-Service Vulnerability - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 21509: HTTP: Microsoft Internet Explorer Links Bar Usage - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 21512: TCP: VMware vCenter Server JMX RMI Code Execution Vulnerability (ZDI-15-455) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 21614: HTTP: Microsoft Office File Modification Password Use-After-Free Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 21765: UDP: MIT Kerberos build_principal_va Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 21766: TLS: Squid SSL-Bump Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 21767: TLS: Squid SSL-Bump Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 21994: TCP: MIT Kerberos build_principal_va Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22091: HTTPS: Squid Proxy SSL-Bump Certificate Validation Bypass Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 22110: HTTP: Adobe Acrobat DC/Foxit Reader XFA FormCalc Integer Overflow Vulnerability (ZDI-16-028,286) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 22169: DB2: Ingres Database Server Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22179: MySQL: Oracle MySQL Client Version Comment/String Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22188: DNS: Microsoft Windows ICS NAT Helper Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22190: TCP: Overlong Boundary in Multipart MIME Type Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22192: UDP: Snort Back Orifice Pre-Processor Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22196: HTTP: Apple iTunes m3u Playlist Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22212: HTTP: Citrix Program Neighborhood Agent InName Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 22213: Oracle: AUTH_ALTER_SESSION Sql Injection Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 22304: SMB: Microsoft Windows COMSVCS.DLL Insecure Library Loading Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 22447: LDAP: Samba LDAP Server libldb Infinite Loop Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22449: HTTP: XSLT Template With Self Referring Values - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 22458: HTTP: Microsoft Windows Vulnerable ActiveX Instantiation - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) 22521: HTTP: phpFileManager cmd Command Execution Attempt - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 22594: HTTP: TrendMicro Antivirus Password Manager Command Execution Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 22644: HTTP: Microsoft Windows Insecure Library Loading Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 22645: SMB: Microsoft Windows Insecure Library Loading Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 22646: ICMPv6: FreeBSD SCTP ICMPv6 Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22661: HTTP: Microsoft Windows OleLoadPicture Bitmap Memory Corruption Vulnerability (ZDI-16-182) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22687: HTTP: Microsoft Word RTF Drawing Object Code Execution Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22761: SMB: Microsoft Windows DirectShow Code Execution Vulnerability - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22762: SMB: Microsoft Windows DirectShow Code Execution Vulnerability - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 22764: HTTP: Trend Micro InterScan Web Security Virtual Appliance Command Injection (ZDI-16-349) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 22868: HTTP: Microsoft .NET Framework XSLT Parsing Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22871: HTTP: Microsoft Internet Explorer Hyperlink Information Disclosure Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22872: HTTP: phoneinfo.dll or msdaora.dll File Access via HTTP - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 22873: SMB: phoneinfo.dll or msdaora.dll File Access via SMB - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 23805: SMB: Microsoft Windows msdaora.dll Insecure Library Loading Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 23806: HTTP: Microsoft Windows msdaora.dll Insecure Library Loading Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 23808: DNS: Nginx DNS Resolver Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 23817: TCP: MIT Kerberos 5 kadmind KADM5_POLICY Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 23866: HTTP: Oracle GlassFish Server ThemeServlet Directory Traversal Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 23882: DNS: GNU C Library getaddrinfo Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 23896: DNS: GNU C Library getaddrinfo Buffer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 23908: HTTP: Microsoft Windows OleLoadPicture Memory Corruption Vulnerability (ZDI-16-181) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 23959: RPC: Diasoft File Replication Pro Command Execution - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) * 23960: HTTP: Adobe Flash copyPixels Integer Overflow Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) 23967: HTTP: NETGEAR ProSafe Network Management System 300 JSP File Upload Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 24047: HTTP: Adobe Acrobat Reader DC JPEG2000 Information Disclosure Vulnerability (ZDI-16-325) - IPS Version: 3.2.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 24123: HTTP: Apache OpenMeetings ZIP File Path Traversal Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 24249: HTTP: Apache Jetspeed PageManagementService Cross-Site Scripting Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) 24268: TCP: MIT Kerberos 5 kadmind process_db_args Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Performance-Optimized (Block / Notify) - Deployment: Security-Optimized (Block / Notify) * 24334: HTTPS: Trend Micro Control Manager External Entity Processing Information Disclosure(ZDI-16-457,458) - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 24370: HTTP/2: Microsoft HTTP.sys HTTP 2.0 Denial-of-Service Vulnerability - IPS Version: 3.1.3 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Deployments updated and are now: - Deployment: Default (Block / Notify) * 31573: HTTP: Microsoft Office Outlook Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Name changed from "31573: HTTP: Microsoft Outlook Use-After-Free Vulnerability ". - Description updated. - Vulnerability references updated. Removed Filters: None Digital Vaccine #9138