Proventia A Series, XPU vPRA

CRITICAL: Proventia 22.25 contains 21 new events, including protocol anomaly detections, signatures for SunRPC, signatures for Helix Server, improved detection of MSRPC attacks, and additional protection against threats from exploitation of a cross-zone privilege escalation vulnerability in Internet Explorer. See the following X-Force Alert for more information: http://xforce.iss.net/xforce/alerts/id/177.

Checks:

Risk	VulnID	Check Name	Category
High	4939	RPC_Statd_MyName_Format_String	Unauthorized Access Attempt
High	6758	Oracle_Listener_Bo	Unauthorized Access Attempt
High	7069	RPC_TTDBServer_Format_String	Unauthorized Access Attempt
High	8971	Sunrpc_rwall_Msg_Format_String	Unauthorized Access Attempt
High	10847	MySQL_Change_User_Auth_Bypass	Suspicious Activity
High	11108	CVS_Directory_Double_Free	Unauthorized Access Attempt
High	12444	HTTP_IE_Script_HRAlign_Overflow	Unauthorized Access Attempt
High	13004	Helix_RealServer_Overflow	Unauthorized Access Attempt
Medium	14077	HTTP_IIS_Track	Suspicious Activity
High	15039	HTTP_Negotiate_SSP_ASN1_Overflow	Denial of Service
High	15166	Konik_TCP_Response	Unauthorized Access Attempt
Medium	16119	Email_Outlook_URL_Spoof	Suspicious Activity
Low	16252	HTTP_Skype	Protocol Signature
High	16314	SSL_Challenge_Length_Overflow	Unauthorized Access Attempt
Low	16385	Sunrpc_rwall_Message	Protocol Signature
Medium	16386	Sunrpc_rwall_Message_Overflow	Suspicious Activity
Medium	16394	HTTP_IE_ADODB_Stream_SaveToFile	Suspicious Activity
Medium	16430	CVS_Request_Path_Overflow	Unauthorized Access Attempt
Medium	16431	CVS_Request_Argument_Overflow	Unauthorized Access Attempt
Medium	16432	CVS_Request_Tag_Overflow	Unauthorized Access Attempt
Medium	16433	CVS_Request_Option_Overflow	Unauthorized Access Attempt

If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.