六方云知识库

2019年03月01日IPS特征库升级公告

2019年03月11日 09:34


    IPS特征库版本号:IPS-20190301-1.1.0.24

    发表日期:2019-03-01 11:17

 

漏洞/病毒名

特征摘要

特征说明

Microsoft Edge out of bounds write   attempt

微软Edge浏览器漏洞攻击检测

这些特征均提取自实验室捕捉到的windows平台漏洞利用样本,通过安全研究人员的深入分析,基于漏洞本质原因和攻击模式提取核心检测特征,通杀率较高

Microsoft Windows win32k.sys use after   free attempt

微软Windows win32k.sys UAF漏洞攻击检测

Microsoft Windows DNS buffer overflow   attack detected

微软Windows DNS(DNSAPI.dll)缓冲区溢出攻击检测

Microsoft Windows DNS buffer overflow   attack detected


Microsoft Windows kernel privilege   escalation attack detected

微软Windows内核特权提升漏洞攻击检测

Sunway ForceControl SNMP NetDBServer   Integer Signedness Buffer   Overflow

三维力控SNMP NetDBServer 整数无符号缓冲区溢出

3S CoDeSys Gateway Server stack buffer   overflow attempt

CODESYS 网关服务器栈缓冲区溢出尝试

Sielco Sistemi Winlog DbiSetToRecordNo   code execution op 28

Sielco Sistemi Winlog DbiSetToRecordNo   op 28 代码执行

RealFlex RealWin SCADA   On_FC_RFUSER_FCS_LOGIN Buffer Overflow

RealFlex RealWin SCADA   On_FC_RFUSER_FCS_LOGIN 缓冲区溢出

Broadwin WebAccess ActiveX Control   Insecure method   (WriteTextData or CloseFile)

Broadwin WebAccess ActiveX 控件不安全的方法调用(WriteTextData CloseFile)

Siemens SIMATIC WinCC flexible runtime   stack buffer overflow   attempt

西门子SIMATIC WinCC flexible runtime 栈缓冲区溢出尝试

Cogent unicode buffer overflow attempt

Cogent unicode 缓冲区溢出尝试

ScadaTec Procyon Core server password   overflow attempt

ScadaTec Procyon Core 服务器密码溢出尝试

 

 

IPS-20190301-1.1.0.zip(需解压后升级)


more

手机扫码打开

logo