*** EX RELS 03307 Release ***

Total number of signatures: 6038

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Added 27 rule(s):
---------------
1066549 MEDIA QQLive access via TCP -8
1133311 WEB Teampass upload.files.php Arbitrary File Upload
1133319 WEB SugarCRM rest_data PHP Object Deserialization
1133322 WEB op5 Monitor command_test.php Command Injection -1
1133325 SSL OpenSSL SSL3_AL_WARNING Denial of Service (CVE-2016-8610)
1133327 WEB Joomla! CMS Policy Bypass and Privilege Escalation Vulnerabilities -2 (CVE-2016-8869)
1133331 WEB Alienvault Unified Security Management and OSSIM gauge.php SQL Injection -3 (CVE-2016-8582)
1133332 WEB Microsoft SQL RDBMS Engine UNC Path Injection Privilege Escalation -2 (CVE-2016-7250)
1133333 WEB Trend Micro Virtual Mobile Infrastructure apns_worker.py Command Injection -1 (CVE-2016-6270)
1133334 WEB Trend Micro Virtual Mobile Infrastructure apns_worker.py Command Injection -2 (CVE-2016-6270)
1133337 WEB Trend Micro Smart Protection Server admin_notification.php Command Injection -1 (CVE-2016-6267)
1133343 WEB Wavelink Emulation License Server HTTP Header Processing Buffer Overflow -3 (CVE-2015-4059)
1133351 EXPLOIT Netop Remote Control dws File Stack Buffer Overflow -3
1133353 VIRUS Eicar test string -2
1160045 TUNNEL HotspotShield connect state 0 via SSL -4-1
1160046 TUNNEL HotspotShield connect via SSL -4
1160049 MEDIA QQLive media via TCP -12
1160050 MEDIA VEVO media via TCP -9
1160051 PRIPROTOCOL Thunder transfer via UDP -2
1160052 WEB Akamai.net access via SSL -2
1160053 IM AliWW login via TCP -4
1160054 IM AliWW transfer via TCP -4
1160055 IM AliWW transfer via TCP -5
1160061 TUNNEL HotspotShield connect state 0 via SSL -5-1
1160062 TUNNEL HotspotShield connect via SSL -5
1160063 MEDIA iQIYI/PPS media via TCP -19
1160065 MEDIA QQLive access via TCP -9

Modified 23 rule(s):
---------------
1050694 WEB SQL injection attempt -41
1051723 VIRUS Eicar test string
1055176 WEB Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure -1 (CVE-2012-0053)
1055189 WEB SQL injection attempt -10
1056547 EXPLOIT Netop Remote Control dws File Stack Buffer Overflow -1
1057385 FILE Adobe Photoshop Asset Elements Buffer Overflow -1 (CVE-2012-2052)
1057386 FILE Adobe Photoshop Asset Elements Buffer Overflow -2 (CVE-2012-2052)
1057387 FILE Adobe Photoshop Asset Elements Buffer Overflow -3 (CVE-2012-2052)
1057388 FILE Adobe Photoshop Asset Elements Buffer Overflow -4 (CVE-2012-2052)
1059902 EXPLOIT Netcore Router Backdoor Access
1060434 UDP port 666 traffic (eg. Doom)
1065574 WEB PulseNews access via SSL -1
1066552 MEDIA QQLive media via TCP -9
1069325 CA Yahoo Authentication via SSL -7
1131343 WEB Generic Remote Javascript Upload and Execution -1.a
1131572 WEB Symantec Endpoint Protection ConsoleServlet ResetPassword Policy Bypass -1.u (CVE-2015-1486)
1131754 WEB SQL injection attempt -73.a
1131889 EXPLOIT Apple SceneKit qlmanage deaElement setElement Buffer Overflow (CVE-2015-3783)
1132120 WEB Generic Remote Javascript Upload and Execution -2.a
1132121 WEB Generic Remote Javascript Upload and Execution -3.a
1133162 WEB Joomla! CMS Policy Bypass and Privilege Escalation Vulnerabilities -1 (CVE-2016-8869)
1190000 TCP port 2375 traffic (eg. Docker)
1190001 TCP port 2376 traffic (eg. Docker)

Deleted 0 rule(s):
---------------