How do you determine if there are any available signatures to cover a particular CVE?
There are a couple different ways that you can determine if a CVE has any current coverage. Use either of the two methods below to determine this:
- You can search for the particular CVE on CVE Search located at http://xforce.iss.net/CveSearch.do?p=. This can manually be found by going to http://xforce.iss.net/, going to the Product Coverage Search section, and then Search by CVE.
- In the SiteProtector Console, go to Help -> Attack Signatures -> Protocol Analysis Module and download the pam.zip file. Alternatively, this can be downloaded at http://www.iss.net/security_center/reference/help/pam/pam.zip. Once the file has been downloaded, extract the pam.chm file from the zip archive and open pam.chm. Under the Contents tab, expand PAM -> cross reference then click on CVE. Here you will find a list of the CVEs with the corresponding signature(s).
If the particular CVE you are interested in is not listed in either of these two places, contact Technical Support referencing the CVE in question.
If the above information does not resolve your issue, contact IBM Security Systems Technical Support.
|Security||IBM Security Host Protection||AIX, HP-UX, Linux, Windows||2.2.2, 7.0 - SR 4.1, 7.0 - SR 4.2, 7.0 - SR 4.3, 7.0 - SR 4.4, 1.0.0, 1.5.0|
|Security||Internet Scanner Software||Windows||7.0.2|
|Security||Proventia Desktop Endpoint Security||Windows||8.0, 9.0, 10.0, 10.1|
|Security||Proventia Network Enterprise Scanner||Firmware||1.4, 2.1, 2.2, 2.3|
|Security||Proventia Network Multi-Function Security||Firmware||3.14, 3.15, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6|
|Security||Proventia Virtualized Network Security Platform||Firmware||3.1, 3.3, 4.1, 4.3, 4.4, 4.5, 4.6|
|Security||IBM Security Network Intrusion Prevention System||General Information||Firmware||1.8, 2.5, 3.3, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6, 4.6.1|
|Security||IBM Security Network Protection||General Information||Firmware||5.1.1, 5.1.2, 5.2.0, 220.127.116.11|