IPS Signature Database Update
| Name | ips.sig | |||
| Version | 3.0.114 | |||
| StoneOS | Firewall 5.5R8P2 or above, and NIPS/IDS 5.5R5-3.5 or above, and BDS 5.5R8-3.3 or above | |||
| Release Date | 2022-06-27 | |||
| New Signature (8) |
Rule ID | Rule Name | StoneOS | Detail |
| 336664 | GitLab Community and Enterprise Edition Notes Stored Cross Site Scripting Vulnerability (CVE-2022-1175) | 5.5R5 or above | click for more information | |
| 336662 | Acquia Mautic Tracking Pixel Stored Cross Site Scripting Vulnerability (CVE-2022-25772) | 5.5R8 or above | click for more information | |
| 336663 | Horde Groupware Webmail Edition Cross Site Request Forgery Vulnerability (CVE-2022-30287) | 5.0R4 or above | click for more information | |
| 336660 | VanDyke VShell Server Trigger Arbitrary Code Execution Vulnerability (CVE-2022-28054) | 5.5R5 or above | click for more information | |
| 336661 | OpenSSL c_rehash Script Command Injection Vulnerability (CVE-2022-1292) | 5.5R8 or above | click for more information | |
| 336649 | Tenda HG9 Router Authenticated Command Injection Vulnerability (CVE-2022-30023) | 5.5R5 or above | click for more information | |
| 1705197 | Oracle Database Server DBMS_CDC_PUBLISH Multiple Procedure SQL Injection Vulnerability (CVE-2010-0870) | 5.0R4 or above | click for more information | |
| 1705198 | Oracle Database Server CREATE_TABLES SQL Injection (CVE-2009-1991) | 5.0R4 or above | click for more information | |
| Updated Signature (15) |
Rule ID | Rule Name | StoneOS | Detail |
| 336615 | Squid Proxy Unauthenticated HTTP Header Denial of Service Vulnerabilities Vulnerability (CVE-2021-31806) | 5.5R5 or above | Click here for more information | |
| 313154 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability -2 (CVE-2016-3385) | 5.0R4 or above | Click here for more information | |
| 709597 | Oracle HTTP Server Security Policy Bypass Vulnerability (CVE-2005-1383) | 5.0R4 or above | Click here for more information | |
| 334134 | Apache Superset Markdown Component Stored Cross-Site Scripting Vulnerability (CVE-2021-27907) | 5.5R5 or above | Click here for more information | |
| 306550 | SAP Sybase Event Stream Processor esp_parse Connection Unsafe Pointer Dereference Vulnerability (CVE-2014-3457) | 5.5R5 or above | Click here for more information | |
| 311361 | Drupal Core XML-RPC Endpoint Xmlrpc.php Tags Denial of Service Vulnerability -1 (CVE-2014-5266) | 5.0R4 or above | Click here for more information | |
| 310923 | Moodle Remote Command Execution Vulnerability (CVE-2013-3630) | 5.0R4 or above | Click here for more information | |
| 322408 | Kolibri HTTP Server HEAD Request Buffer Overflow Vulnerability (CVE-2002-2268) | 5.5R4 or above | Click here for more information | |
| 333554 | Cisco Data Center Network Manager saveZoneInputFileToServer Directory Traversal Vulnerability (CVE-2019-15980) | 5.5R5 or above | Click here for more information | |
| 330099 | HAProxy cookie Denial of Service Vulnerability (CVE-2019-14241) | 5.5R5 or above | Click here for more information | |
| 305447 | Apache HTTP Server Byte-Range DoS (CVE-2011-3192) | 5.5R4 or above | Click here for more information | |
| 330151 | Synology Photo Station Arbitrary File Upload Vulnerability (CVE-2017-11151) | 5.0R4 or above | Click here for more information | |
| 322394 | PHP Win32 escapeshellcmd() Input Validation Command Execution Vulnerability (CVE-2004-0542) | 5.5R5 or above | Click here for more information | |
| 335217 | ExifTool DjVu File Arbitrary Code Execution Vulnerability (CVE-2021-22204) | 5.5R5 or above | Click here for more information | |
| 333924 | Apache HTTP Server 2.4.50 Path Traversal Vulnerability (CVE-2021-42013) | 5.5R5 or above | Click here for more information | |