Summary
Digital Vaccine #9138 (CONT) July 17, 2018
Details
Modified Filters (metadata changes only):
* = Enabled in Default deployments
16240: HTTP: McAfee ePolicy Orchestrator XML External Entity Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16241: HTTPS: McAfee ePolicy Orchestrator XML External Entity Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16244: HTTP: Oracle Java SE GSUB ReqFeatureIndex Buffer Overflow Vulnerability (ZDI-14-013)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16246: RTSP: VideoLAN VLC RTSP Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16247: HTTP: Apache Tomcat NIO Connector Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16249: TLS: OpenSSL do_ssl3_write Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16250: MySQL: Oracle MySQL XPath Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16251: HTTPS: Apache Tomcat NIO Connector Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16254: TCP: Data Packets with No ACK Flag
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16268: HTTP: Nagios Remote Plugin Executor Command Execution Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16269: HTTPS: Nagios Remote Plugin Executor Command Execution Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16288: HTTP: Apple CUPS Web Interface URL Handling Cross-Site Scripting Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16289: TCP: HP Data Protector Opcode 27 Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16290: TCP: PostgreSQL SET ROLE Security Bypass Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16294: HTTPS: HP Diagnostics Server magentservice.exe Buffer Overflow Vulnerability (ZDI-12-016)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16295: TCP: PostgreSQL Path Data Type Integer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16296: HTTPS: GnuTLS Server Hello Response Buffer Overflow Vulnerability
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 16299: HTTP: Oracle Java awt_setPixels Information Disclosure Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16302: UDP: Digium Asterisk SIP Session Expiration Header Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16306: RPC: OpenAFS Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16310: TLS: OpenSSL Denial-of-Service Vulnerability over SMTP
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
16311: HTTP: FreePBX config.php Command Execution Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16332: UDP: Linux Kernel IPv6-UDP Fragmentation Offload Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
16444: HTTP: PHP CDF Infinite Loop Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16456: HTTPS: Cisco Security Agent File Upload Vulnerability (ZDI-11-088)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16458: HTTP: Oracle Java Private MethodHandle Sandbox Bypass Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16461: HTTP: Ericom AccessNow Server Buffer Overflow Vulnerability (ZDI-14-160)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16463: DNS: ISC BIND Recursive Nameservers Prefetch Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16464: DNS: ISC BIND EDNS Option Processing Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16467: HTTP: Microsoft Internet Explorer Applet Object Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16470: TCP: HylaFAX+ LDAP Authentication User Name Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16476: UDP: OpenSSL DTLS Recursion Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
16490: HTTP: Microsoft Internet Explorer ScrollIntoView Use-After-Free Vulnerability (ZDI-15-013)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16505: DNS: PHP php_parserr DNS TXT Record Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16510: HTTP: EFS Easy File Management Web Server UserID Buffer Overflow Vulnerability
- IPS Version: 3.1.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16516: HTTP: HP Release ControlAdministrator User Password Reset
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16541: HTTP: D-Link HNAP Request Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16565: HTTP: Symantec Web Gateway dbutils.php SQL Injection Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16567: HTTP: MW6 Technologies MaxiCode ActiveX Control Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16584: HTTP: Oracle Java AtomicReferenceFieldUpdater Memory Corruption Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16626: HTTP: Apache HTTP Server mod_proxy_ajp Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16627: TCP: HP Data Protector Backup Multiple Opcodes Communication
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16629: HTTP: Mozilla Firefox SharedWorker MessagePort Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16631: HTTP: Apache HTTP Server mod_status Buffer Overflow Vulnerability (ZDI-14-236)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
16635: TCP: OpenSSL Anonymous ECDH Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 16636: SCTP: Linux Kernel SCTP COOKIE_ECHO Denial-of-Service Vulnerability
- IPS Version: 3.2.8 and after.
- NGFW Version: Not available.
- TPS Version: 4.0.0 and after in IPS Persona mode.
- vTPS Version: 4.0.1 and after in IPS Persona mode.
- Requires: Only IPS models or TPS in IPS Persona
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16638: SCTP: Linux Kernel SCTP COOKIE_ECHO Denial-of-Service Vulnerability
- IPS Version: 3.2.8 and after.
- NGFW Version: Not available.
- TPS Version: 4.0.0 and after in IPS Persona mode.
- vTPS Version: 4.0.1 and after in IPS Persona mode.
- Requires: Only IPS models or TPS in IPS Persona
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16645: HTTP: Malicious Java Applet Download
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16647: HTTP: Apache HTTP Server mod_deflate Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16654: HTTP: Libav LZO Integer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16668: SMB: Samba NMDB Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16687: HTTP: Atlassian JIRA Issue Collector Directory Traversal Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16692: HTTP: Apache HTTP Server mod_cache Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16698: HTTP: Cryptographic Locker Ransomware Communication Attempt
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16722: HTTP: Adobe Acrobat/Reader JavaScript Privileged Function Invocation
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16729: UDP: OpenSSL DTLS Handshake Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16741: UDP: OpenSSL DTLS Handshake Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16767: HTTP: Senkas Kolibri Webserver URI Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16792: HTTP: Squid Proxy Range Header Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16806: UDP: Non-Standard Function Declaration
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
16807: TCP: GNU Bash Remote Code Execution Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16831: UDP: OpenSSL DTLS Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 16846: HTTP: Microsoft Word styles Use-After-Free Vulnerability (ZDI-14-350)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16858: HTTP: Microsoft .NET Framework Integer Underflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16871: HTTP: Google Android Browser Same Origin Policy Bypass Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16888: TLS: OpenSSL TLS SRP Buffer Overflow Vulnerability
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
16892: HTTP: Drupal Core SQL Injection Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
16897: HTTP: Microsoft Internet Explorer Document Fragment Use-After-Free Vulnerability (ZDI-15-023)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16936: RFB: LibVNCServer rfbSendNewScaleSize Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16938: HTTP: PHP Fileinfo Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16942: HTTPS: Mozilla Network Security Services RSA Security Bypass Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16943: FTP: GNU Wget Symbolic Link Arbitrary Write Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 16947: TLS: OpenSSL TLS SRP Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16950: HTTP: Microsoft Word Memory Corruption Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16951: SMB: Microsoft Windows Object Packager Memory Corruption Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 16953: HTTP: Microsoft Word Memory Corruption Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
16999: HTTP: Microsoft Internet Explorer removeNode Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
17006: HTTP: Microsoft Internet Explorer ActiveX Control Type Confusion Vulnerability (ZDI-15-028)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 17010: HTTP: Sophos Web Appliance Write Command Injection Vulnerability (ZDI-14-069)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 17035: HTTPS: Sophos Web Appliance Write Command Injection Vulnerability (ZDI-14-069)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 17041: HTTP: LibreOffice Impress Remote Control Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
17049: ICMPv6: FreeBSD rtsold Buffer Overflow Vulnerability
- IPS Version: 3.2.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
17056: TLS: OpenSSL Invalid Session Ticket Denial-of-Service Vulnerability (ONLY enable under DoS attack)
- IPS Version: 3.1.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
17064: HTTP: Microsys Promotic PmBase64Decode Buffer Overflow (ZDI-15-091)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
17068: HTTPS: Symantec Endpoint Protection Manager Cross-Site Scripting Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
17069: TLS: Microsoft SChannel CertificateVerify Buffer Overflow Vulnerability
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 17071: HTTPS: Symantec Endpoint Protection Manager Cross-Site Scripting Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
17148: POP3: Cyrus IMAP Server popsubfolders USER Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 17158: HTTP: PHP Unserialize Integer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 17166: TCP: OpenSSL DTLS SRTP Extension Parsing Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
17176: HTTP: Microsoft Internet Explorer setActive Use-After-Free Vulnerability (ZDI-15-081)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
17177: ICMPv6: Invalid Message Type
- IPS Version: 3.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
17187: TCP: MIT Kerberos Suspicious TGS-REQ Request
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 17199: HTTP: Microsoft ASP.NET DisplayText Cross-Site Scripting Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
17208: TCP: OpenSSL SRTP Extension Parsing
- IPS Version: 3.1.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19234: HTTP: Novell eDirectory IMONITOR Cross-Site-Scripting Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19255: HTTP: SAP SQL Anywhere Buffer Overflow Vulnerability (ZDI-14-412,415)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19259: HTTP: Microsoft Internet Explorer TextData Use-After-Free Vulnerability (ZDI-15-128)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19262: HTTP: ActualScripts ActualAnalyzer Cookie Command Injection Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19266: TLS: Microsoft SChannel Client Hello Memory Corruption Vulnerability
- IPS Version: 3.1.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 19286: NTP: NTP Configure Command Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19290: HTTP: PTC Arbortext IsoView ActiveX Control Buffer Overflow Vulnerability (ZDI-14-398/399)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19291: HTTP: Vtiger CRM SOAP Code Execution Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19301: HTTP: GitHub Client Command Execution Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19324: HTTP: Microsoft Internet Explorer TextData Use-After-Free Vulnerability (ZDI-15-128)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19329: HTTP: PHP Unserialize Use-After-Free Vulnerability
- IPS Version: 3.1.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19331: HTTP: Trihedral VTScada Web Interface Denial-of-Service Vulnerability (ZDI-14-425)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19336: HTTP: Microsoft Internet Explorer frameset Use-After-Free Vulnerability (ZDI-15-130)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19340: SMB: Microsoft Windows Explorer .LNK DLL Planting Code Execution Vulnerability (ZDI-15-086)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19361: UDP: OpenSSL DTLS dtls1_buffer_record Denial-of-Service Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19375: SMTP: Exim SMTP Server Buffer Overflow Vulnerability
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 19379: HTTP: Red Hat Package Manager CPIO Header Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19403: HTTP: Microsoft Internet Explorer RegEx Element Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19408: HTTP: Microsoft Internet Explorer Universal Cross-Site Scripting Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19424: HTTP: McAfee ePolicy Orchestrator XML Entity Injection Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 19435: HTTP: Oracle Java PhantomReference Use-After-Free Vulnerability
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19436: HTTP: TRENDnet SecurView Internet Camera ActiveX Instantiation
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19438: HTTP: PHP exif_read_data NULL Pointer Deference Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19456: HTTP: Samsung SmartViewer STWAxConfig DVRSetupSave Method Usage (ZDI-15-462)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 19498: TCP: OpenSSL ClientHello Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19537: HTTP: Apache Tomcat Chunked Transfer Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19588: HTTP: WordPress .zip File Plugin Upload
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19638: HTTP: Adobe Illustrator EPS File DSC Comment Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19644: SMB: Samba NetrServerPasswordSet Command Usage
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 19666: HTTPS: Symantec Web Gateway OS Command Injection Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19667: HTTP: PHP Unserialize Use-After-Free Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19673: TCP: EMC AutoStart ftAgent Remote Code Execution Vulnerability (ZDI-15-173)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19675: TCP: EMC AutoStart ftAgent Remote Code Execution Vulnerability (ZDI-15-174)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19684: TCP: MIT Kerberos klogind recvauth Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19685: TCP: MIT Kerberos kpropd recvauth Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19686: TCP: MIT Kerberos kshd recvauth Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19687: DNS: glibc gethostbyname_r Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19690: HTTP: Microsoft IIS Integer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19691: HTTP: Microsoft IIS Web Server Information Disclosure Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19704: HTTP: Microsoft Office Memory Corruption Vulnerability (ZDI-15-132)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19707: HTTP: Microsoft Office Memory Corruption Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19721: HTTP: SolarWinds SQL Injection Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19722: HTTP: WebGate WESP SDK WESPDiscovery Buffer Overflow Vulnerability (ZDI-15-057)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19723: HTTP: LANDesk Management Suite AMTVersion Cross-Site Scripting Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19729: HTTP: PHP libzip Integer Overflow Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19731: TCP: OpenSSL ssl3_get_client_key_exchange Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19743: TCP: Fortinet Single Sign On Hello Message Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19778: HTTP: Electric Sheep Fencing pfSense webgui Cross-Site Scripting Multiple Vulnerabilities
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19779: HTTP: Electric Sheep Fencing pfSense webgui Arbitrary File Delete
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19781: HTTP: Info-ZIP UnZip Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19783: HTTP: PHP phar_parse_tarfile Integer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19806: HTTP: Magento Forwarded Parameter Usage
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19839: HTTP: ProFTPD SITE CPFR/CPTO Command Usage
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19840: HTTP: Electric Sheep Fencing pfSense webgui deletefile Directory Traversal Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19842: HTTP: ManageEngine ServiceDesk Plus User Privileges Escalation Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19858: HTTP: Symantec Web Gateway Cross-Site Scripting Vulnerability (ZDI-15-443)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 19862: LDAP: OpenLDAP slapd Deref Overlay Null Pointer Dereference Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19865: HTTP: WordPress Comments Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19867: HTTP: WordPress Long Comment Submission
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19886: TCP: Diffie-Hellman DHE_EXPORT Weak Cipher Suite Negotiation
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19887: TCP: Diffie-Hellman DHE Weak Cipher Suite Negotiation
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19890: HTTP: Microsoft Internet Explorer CTxtPtr Memory Access Error Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19891: HTTP: ClamAV UPX File Handling Integer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19892: DNS: PowerDNS Multiple Products Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19893: DNS: PowerDNS Multiple Products Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19896: HTTPS: OpenSSL Invalid PSS Parameters Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19897: HTTP: ManageEngine EventLog Analyzer Cross-Site Request Forgery Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
19898: HTTP: ManageEngine EventLog Analyzer User Management Request
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19899: HTTP: ManageEngine EventLog Analyzer User Management Request
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 19902: SSL: HP LoadRunner launcher.dll Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19915: TLS: OpenSSL ClientHello ASN1_TYPE_cmp Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19920: HTTP: Microsoft Office osf.Sandbox Memory Corruption Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19941: HTTPS: OpenSSL Invalid PSS Parameters Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19951: HTTP: HP SiteScope Log Analyzer Information Disclosure Vulnerability (ZDI-15-239)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19970: TCP: Apache Qpid Session.gap Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 19971: TCP: Apache Qpid Sequence Set Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
19980: FTP: PHP ftp_genlist method Buffer Overflow Vulnerability
- IPS Version: 3.6.1 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
19982: HTTP: WordPress MailChimp Subscribe Form Plugin Code Injection Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 19993: HTTP: SAP 3D Visual Enterprise Viewer 3DM File Buffer Overflow Vulnerability (ZDI-15-526)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
20001: HTTP: Apple CUPS Web Interface URL Handling Cross-Site Scripting Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 20004: HTTP: Apple Safari Cross-Origin Security Bypass Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
20016: FTP: PHP ftp_genlist method Buffer Overflow Vulnerability
- IPS Version: 3.6.1 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
20021: HTTP: WebUI mainfile.php Logon PHP Code Execution Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20022: HTTP: cURL and libcurl Cookie Path Parsing Remote Code Execution Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
20027: HTTP: Apple CUPS Privilege Escalation Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20038: HTTP: Apache HTTP Server mod_log_config Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20039: HTTP: LANDesk Management Suite File Inclusion Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20058: NTP: Network Time Protocol Daemon ctl_putdata Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20156: HTTP: Google Chrome XSSAuditor Policy Bypass Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20157: HTTP: Electric Sheep Fencing pfSense webgui Cross-Site Scripting Multiple Vulnerabilities
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20191: DNS: ISC BIND Suspicious TKEY Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 20348: SMTP: IBM Domino GIF Processing Heap Buffer Overflow Vulnerability (ZDI-15-135)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
20361: HTTP: PHP Multipart Form-Data Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 20418: HTTP: phpFileManager cmd Parameter Command Execution Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 20419: SMTP: IBM Domino BMP Color Palette Buffer Overflow Vulnerability (ZDI-15-194)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 20420: SMTP: IBM Lotus Domino BMP Parsing Integer Overflow Vulnerability (ZDI-15-193)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 20429: HTTP: Oracle Java SE OCSP nextUpdate Replay Attack Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 20432: HTTP: Adobe Flash MP3 ID3 Tag Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
20515: HTTP: Microsoft Internet Explorer Label Element Use-After-Free Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20536: TCP: Dell NetVault Backup Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 20620: SSL: OpenSSL X509_cmp_time Denial of Service
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 20705: SSH: Sysax Multi Server SSH Component Denial-Of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 20716: DNS: ISC BIND DNSSEC Validation Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 20791: HTTP: Novell ZENworks Mobile Management Cross-Site Scripting Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
20792: HTTP: Microsoft Windows VBScript Join Function Use-After-Free Vulnerability (ZDI-15-591)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20800: HTTP: Adobe Flash Oversized MP3 ID3 Frame Header
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
20803: HTTP: OpenEMR Authentication Bypass Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20815: HTTP: Microsoft Windows VBScript Filter Function Use-After-Free Vulnerability(ZDI-15-592,ZDI-18-123)
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20816: HTTP: Microsoft Windows VBScript InStr/InStrRev Function Use-After-Free Vulnerability (ZDI-15-594)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20817: HTTP: Microsoft Windows VBScript Replace Function Use-After-Free Vulnerability (ZDI-15-595)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20818: HTTP: Microsoft Windows VBScript Split Function Use-After-Free Vulnerability (ZDI-15-596)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 20820: UDP: HID VertX and Edge Discoveryd Command Injection Vulnerability (ZDI-16-223)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
20897: SMB: Microsoft Windows Media Center MCL Executable File Download
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
20920: SMB: Microsoft Windows Media Center MCL Executable File Upload
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
20927: HTTP: ManageEngine ServiceDesk Directory Traversal Vulnerability (ZDI-15-396)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
20933: HTTP: Endian Firewall Code Execution Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 20986: HTTPS: Endian Firewall Code Execution Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
21154: HTTP: Typo3 CMS sanitizeLocalUrl Cross-Site Scripting Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 21196: HTTP: Oracle Application Testing Suite DownloadServlet Directory Traversal Vulnerability(ZDI-16-036)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 21338: HTTP: Oracle Application Testing Suite Authentication Bypass Vulnerability (ZDI-16-042)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
21436: DNS: ISC BIND openpgpkey_61.c Denial-of-Service Vulnerability
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
21509: HTTP: Microsoft Internet Explorer Links Bar Usage
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
21512: TCP: VMware vCenter Server JMX RMI Code Execution Vulnerability (ZDI-15-455)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 21614: HTTP: Microsoft Office File Modification Password Use-After-Free Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
21765: UDP: MIT Kerberos build_principal_va Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 21766: TLS: Squid SSL-Bump Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 21767: TLS: Squid SSL-Bump Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
21994: TCP: MIT Kerberos build_principal_va Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22091: HTTPS: Squid Proxy SSL-Bump Certificate Validation Bypass Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 22110: HTTP: Adobe Acrobat DC/Foxit Reader XFA FormCalc Integer Overflow Vulnerability (ZDI-16-028,286)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
22169: DB2: Ingres Database Server Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22179: MySQL: Oracle MySQL Client Version Comment/String Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22188: DNS: Microsoft Windows ICS NAT Helper Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22190: TCP: Overlong Boundary in Multipart MIME Type Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22192: UDP: Snort Back Orifice Pre-Processor Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22196: HTTP: Apple iTunes m3u Playlist Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22212: HTTP: Citrix Program Neighborhood Agent InName Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 22213: Oracle: AUTH_ALTER_SESSION Sql Injection Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 22304: SMB: Microsoft Windows COMSVCS.DLL Insecure Library Loading Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
22447: LDAP: Samba LDAP Server libldb Infinite Loop Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22449: HTTP: XSLT Template With Self Referring Values
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
22458: HTTP: Microsoft Windows Vulnerable ActiveX Instantiation
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
22521: HTTP: phpFileManager cmd Command Execution Attempt
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 22594: HTTP: TrendMicro Antivirus Password Manager Command Execution Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 22644: HTTP: Microsoft Windows Insecure Library Loading Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 22645: SMB: Microsoft Windows Insecure Library Loading Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
22646: ICMPv6: FreeBSD SCTP ICMPv6 Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22661: HTTP: Microsoft Windows OleLoadPicture Bitmap Memory Corruption Vulnerability (ZDI-16-182)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22687: HTTP: Microsoft Word RTF Drawing Object Code Execution Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22761: SMB: Microsoft Windows DirectShow Code Execution Vulnerability
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22762: SMB: Microsoft Windows DirectShow Code Execution Vulnerability
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 22764: HTTP: Trend Micro InterScan Web Security Virtual Appliance Command Injection (ZDI-16-349)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
22868: HTTP: Microsoft .NET Framework XSLT Parsing Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22871: HTTP: Microsoft Internet Explorer Hyperlink Information Disclosure Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22872: HTTP: phoneinfo.dll or msdaora.dll File Access via HTTP
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
22873: SMB: phoneinfo.dll or msdaora.dll File Access via SMB
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 23805: SMB: Microsoft Windows msdaora.dll Insecure Library Loading Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 23806: HTTP: Microsoft Windows msdaora.dll Insecure Library Loading Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
23808: DNS: Nginx DNS Resolver Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
23817: TCP: MIT Kerberos 5 kadmind KADM5_POLICY Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
23866: HTTP: Oracle GlassFish Server ThemeServlet Directory Traversal Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 23882: DNS: GNU C Library getaddrinfo Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 23896: DNS: GNU C Library getaddrinfo Buffer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
23908: HTTP: Microsoft Windows OleLoadPicture Memory Corruption Vulnerability (ZDI-16-181)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
23959: RPC: Diasoft File Replication Pro Command Execution
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
* 23960: HTTP: Adobe Flash copyPixels Integer Overflow Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
23967: HTTP: NETGEAR ProSafe Network Management System 300 JSP File Upload Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
24047: HTTP: Adobe Acrobat Reader DC JPEG2000 Information Disclosure Vulnerability (ZDI-16-325)
- IPS Version: 3.2.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
24123: HTTP: Apache OpenMeetings ZIP File Path Traversal Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
24249: HTTP: Apache Jetspeed PageManagementService Cross-Site Scripting Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
24268: TCP: MIT Kerberos 5 kadmind process_db_args Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Performance-Optimized (Block / Notify)
- Deployment: Security-Optimized (Block / Notify)
* 24334: HTTPS: Trend Micro Control Manager External Entity Processing Information Disclosure(ZDI-16-457,458)
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 24370: HTTP/2: Microsoft HTTP.sys HTTP 2.0 Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Deployments updated and are now:
- Deployment: Default (Block / Notify)
* 31573: HTTP: Microsoft Office Outlook Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "31573: HTTP: Microsoft Outlook Use-After-Free Vulnerability ".
- Description updated.
- Vulnerability references updated.
Removed Filters: None
Digital Vaccine #9138
