This SRU number: 2019-12-18-001
Previous SRU number: 2019-12-17-001
Applies to:
This SEU number: 2104
Previous SEU: 2103
Applies to:
This is the complete list of rules modified in SRU 2019-12-18-001 and SEU 2104.
The format of the file is:
GID - SID - Rule Group - Rule Message - Policy State
The Policy State refers to each default Cisco Talos policy, Connectivity, Balanced, Security, and Maximum Detection.
The default passive policy state is the same as the Balanced policy state with the exception of alert being used instead of drop.
Note: Unless stated explicitly, the rules are for the series of products listed above.
| GID | SID | Rule Group | Rule Message | Policy State | |||
|---|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | Max. | ||||
| 1 | 37328 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37330 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37333 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37334 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37335 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37336 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37337 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37338 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37339 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37340 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37341 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 37342 | DELETED | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt | off | off | off | off |
| 1 | 50276 | MALWARE-BACKDOOR | Win.Backdoor.Chopper webshell inbound request attempt | off | drop | drop | drop |
| 1 | 50277 | MALWARE-BACKDOOR | Win.Backdoor.Chopper webshell inbound request attempt | off | drop | drop | drop |
| 1 | 50860 | SERVER-WEBAPP | Palo Alto GlobalProtect SSL VPN buffer overflow attempt | off | off | drop | drop |
| 1 | 52449 | POLICY-OTHER | Potential phishing domain ddns.net outbound connection detected | off | off | off | off |
| GID | SID | Rule Group | Rule Message | Policy State | |||
|---|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | Max. | ||||
| 1 | 20341 | PROTOCOL-VOIP | To header unquoted tokens in field attempt | off | off | off | drop |
| 1 | 39946 | PROTOCOL-DNS | PowerDNS TKEY query denial of service attempt | off | off | drop | drop |
| 1 | 39947 | PROTOCOL-DNS | PowerDNS TKEY query denial of service attempt | off | off | drop | drop |
| 1 | 39948 | PROTOCOL-DNS | PowerDNS TCP TKEY query denial of service attempt | off | off | drop | drop |
| 1 | 39949 | PROTOCOL-DNS | PowerDNS TCP TKEY query denial of service attempt | off | off | drop | drop |
| 1 | 39950 | PROTOCOL-DNS | PowerDNS TCP TSIG query denial of service attempt | off | off | drop | drop |
| 1 | 39951 | PROTOCOL-DNS | PowerDNS TCP TSIG query denial of service attempt | off | off | drop | drop |
| 1 | 39952 | PROTOCOL-DNS | PowerDNS TSIG query denial of service attempt | off | off | drop | drop |
| 1 | 39953 | PROTOCOL-DNS | PowerDNS TSIG query denial of service attempt | off | off | drop | drop |
| 1 | 47881 | PROTOCOL-DNS | dnsmasq add_pseudoheader memory leak attempt | off | off | drop | drop |