[prev in list] [next in list] [prev in thread] [next in thread]
List: emerging-updates
Subject: [Emerging-updates] Out-of-Band Ruleset Update Summary 2021/03/03
From: James Emery-Callcott <jcallcott () emergingthreats ! net>
Date: 2021-03-03 17:54:51
Message-ID: CAMAH=ZhBf74u8sf2SA_iaRy-EK71=8ZM7aqJgwDQ5ZbkWNwpCQ () mail ! gmail ! com
[Download RAW message or body]
[***] Summary: [***]
This is an OOB update to address the recent Microsoft Exchange
vulnerabilities.
More information can be found here -
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
Please feel free to reply here with any questions you may have
regarding the signatures and/or vulnerabilities in question.
[+++] Added rules: [+++]
Pro:
2847418 - ETPRO EXPLOIT Microsoft Exchange - Possible RCE Inbound
(CVE-2021-26857) (exploit.rules)
2847419 - ETPRO EXPLOIT Microsoft Exchange - Possible RCE with
WebShell Inbound M1 (CVE-2021-26857) (exploit.rules)
2847420 - ETPRO EXPLOIT Microsoft Exchange - Possible RCE with
WebShell Inbound M1 (CVE-2021-26857) (exploit.rules)
2847421 - ETPRO EXPLOIT Microsoft Exchange - Attempted SSRF/Stage 1
Auth Bypass Verification (CVE-2021-26855) (exploit.rules)
2847422 - ETPRO EXPLOIT Microsoft Exchange - Pre-Auth SSRF Recon
Inbound (CVE-2021-26855) (exploit.rules)
2847423 - ETPRO EXPLOIT Microsoft Exchange - Attempted ECP Privilege
Escalation (CVE-2021-26855) (exploit.rules)
James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team
_______________________________________________
Emerging-updates mailing list
Emerging-updates@lists.emergingthreats.net
https://lists.emergingthreats.net/mailman/listinfo/emerging-updates
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic