*** EX RELS 03337 Release ***

Total number of signatures: 6033

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Added 16 rule(s):
---------------
1133850 SMB Samba Symlink Directory Traversal
1133851 EXPLOIT Genivia gSOAP XML parser Buffer Overflow (CVE-2017-9765)
1133852 SMB Samba Writeable Share Insecure Library Loading -2.1 (CVE-2017-7494)
1133853 WEB GoAhead login.cgi Information Disclosure Vulnerability
1133854 SMB Samba Writeable Share Insecure Library Loading -3 (CVE-2017-7494)
1133855 WEB GoAhead IPCam Remote Code Execution -2
1133856 SMB Samba Writeable Share Insecure Library Loading -2.2 (CVE-2017-7494)
1133857 NTP Network Time Protocol Daemon read_mru_list Denial of Service -5 (CVE-2016-7434)
1133859 WEB Squid Squoison Host Header Cache Poisoning -2 (CVE-2016-4553)
1160556 WEB ifeng.com access via SSL -1
1160557 IM Voxer access via TCP -1
1160558 WEB-IM ICQ access via SSL -1
1160559 MEDIA Sohu TV media via TCP -12
1160560 MEDIA Sohu TV access via SSL -1
1160561 WEB Taobao access via TCP -7
1160562 WEB Taobao media via TCP -1

Modified 74 rule(s):
---------------
1048892 NETWORK redirect host access via ICMP -1
1048897 NETWORK Source Quench access via ICMP -1
1048900 NETWORK TJPingPro1.1Build 2 Windows access via ICMP -1
1048901 NETWORK PING WhatsupGold Windows access via ICMP -1
1048904 NETWORK Destination Unreachable access via ICMP -1
1048905 NETWORK Destination Unreachable access via ICMP -2
1048906 NETWORK Destination Unreachable access via ICMP -3
1048917 NETWORK PING LINUX/*BSD access via ICMP -1
1048925 NETWORK PING access via ICMP -1
1048926 NETWORK traceroute access via ICMP -1
1048927 NETWORK Address Mask Reply access via ICMP -1
1048929 NETWORK Address Mask Request access via ICMP -1
1048931 NETWORK Alternate Host Address access via ICMP -1
1048933 NETWORK Datagram Conversion Error access via ICMP -1
1048935 NETWORK Destination Unreachable access via ICMP -4
1048936 NETWORK Destination Unreachable access via ICMP -5
1048937 NETWORK Destination Unreachable access via ICMP -6
1048938 NETWORK Destination Unreachable access via ICMP -7
1048939 NETWORK Destination Unreachable access via ICMP -8
1048940 NETWORK Destination Unreachable access via ICMP -9
1048941 NETWORK Destination Unreachable access via ICMP -10
1048942 NETWORK Destination Unreachable access via ICMP -11
1048943 NETWORK Destination Unreachable access via ICMP -12
1048944 NETWORK Destination Unreachable access via ICMP -13
1048945 NETWORK Destination Unreachable access via ICMP -14
1048946 NETWORK Destination Unreachable access via ICMP -15
1048947 NETWORK Destination Unreachable access via ICMP -16
1048951 NETWORK Fragment Reassembly Time Exceeded access via ICMP -1
1048956 NETWORK Information Reply access via ICMP -1
1048958 NETWORK Information Request access via ICMP -1
1048960 NETWORK Mobile Host Redirect access via ICMP -1
1048962 NETWORK Mobile Registration Reply access via ICMP -1
1048964 NETWORK Mobile Registration Request access via ICMP -1
1048966 NETWORK Parameter Problem (Bad Length) access via ICMP -1
1048967 NETWORK Parameter Problem (Missing a Requiered Option) access via ICMP -1
1048968 NETWORK Parameter Problem (Unspecified Error) access via ICMP -1
1048970 NETWORK Photuris (Reserved) access via ICMP -1
1048971 NETWORK Photuris (Unknown Security Parameters Index) access via ICMP -1
1048972 NETWORK Photuris (Authentication Failed) access via ICMP -1
1048973 NETWORK Photuris (Decryption Failed) access via ICMP -1
1048975 NETWORK Redirect (for TOS and Host) access via ICMP -1
1048976 NETWORK Redirect (for TOS and Network) access via ICMP -1
1048978 NETWORK Reserved for Security (Type 19) access via ICMP -1
1048980 NETWORK Router Advertisement access via ICMP -1
1048981 NETWORK Router Selection access via ICMP -1
1048982 NETWORK SKIP access via ICMP -1
1048985 NETWORK Time-To-Live Exceeded in Transit access via ICMP -1
1048987 NETWORK Timestamp Reply access via ICMP -1
1048989 NETWORK Timestamp Request access via ICMP -1
1048991 NETWORK Traceroute ipopts access via ICMP -1
1050288 NETWORK source route - lsrr access via ICMP -1
1050290 NETWORK sourceroute-ssrr access via ICMP -1
1051140 NETWORK PING SoftEther Keep-Alive access via ICMP -1
1061733 MEDIA Sohu TV access via TCP -1
1066401 NETWORK PING access via ICMPv6 -1
1066504 NETWORK Echo Reply access via ICMPv6 -1
1066505 NETWORK Destination Unreachable access via ICMPv6 -1
1066506 NETWORK Packet Too Big access via ICMPv6 -1
1066507 NETWORK Time Exceeded access via ICMPv6 -1
1066508 NETWORK Parameter Problem access via ICMPv6 -1
1066509 NETWORK Router Solicitation access via ICMPv6 -1
1066510 NETWORK Router Advertisement access via ICMPv6 -1
1066511 NETWORK Neighbor Solicitation access via ICMPv6 -1
1066512 NETWORK Neighbor Advertisement access via ICMPv6 -1
1066513 NETWORK Redirect Message access via ICMPv6 -1
1066514 NETWORK access via ICMPv6 -1
1069077 SG - P2P BitComet access via UDP
1080002 SG - P2P eDonkey access via TCP
1080003 SG - P2P BitTorrent access via TCP
1080011 SG - P2P Winny access via TCP
1132784 WEB Squid Squoison Host Header Cache Poisoning -1 (CVE-2016-4553)
1133705 WEB Dahua IPCam Credentials Leak -1 (CVE-2017-6341)
1133708 WEB GoAhead IPCam Remote Code Execution -1
1133735 SMB Samba Writeable Share Insecure Library Loading -1 (CVE-2017-7494)

Deleted 30 rule(s):
---------------
1056420 EXPLOIT Oracle Java Sandbox Breach - 4 (CVE-2012-4681) (old rule)
1056421 EXPLOIT Oracle Java Sandbox Breach - 5 (CVE-2012-4681) (old rule)
1056424 EXPLOIT Oracle Java Sandbox Breach - 6 (CVE-2012-4681) (old rule)
1056666 EXPLOIT Multiple Apple QuickTime TeXML QuickTime3GPP.qtx Stack Buffer Overflows -2 (CVE-2012-0663) (old rule)
1057299 WEB HP Intelligent Management Center Arbitrary File Upload (CVE-2012-5201) (old rule)
1057323 EXPLOIT HP LeftHand Virtual SAN Appliance hydra Credential Information Disclosure (CVE-2012-3282) (old rule)
1057324 EXPLOIT HP LeftHand Virtual SAN Appliance hydra Diag Processing Buffer Overflow -1 (CVE-2012-3283) (old rule)
1057325 SNMP HP LeftHand Virtual SAN Appliance hydra SNMP Processing Buffer Overflow (CVE-2012-3284) (old rule)
1057326 EXPLOIT HP LeftHand Virtual SAN Appliance hydra Ping Processing Buffer Overflow (CVE-2012-3285) (old rule)
1057330 WEB-ACTIVEX Apple QuickTime ActiveX Control Clear Method Use After Free -1 (CVE-2012-3754) (old rule)
1057351 SMB Microsoft Windows File Name Parsing Memory Corruption (CVE-2012-4774) (old rule)
1057356 WEB Squid Proxy Cache cachemgr.cgi Resource Exhaustion (CVE-2012-5643) (old rule)
1057378 SIP Digium Asterisk HTTP Management Interface Stack Overflow -1 (CVE-2012-5976) (old rule)
1057379 SIP Digium Asterisk HTTP Management Interface Stack Overflow -2 (CVE-2012-5976) (old rule)
1057384 EXPLOIT Multiple AntiVirus Products TAR File Scan Evasion Vulnerability (CVE-2012-1424) (old rule)
1057385 FILE Adobe Photoshop Asset Elements Buffer Overflow -1 (CVE-2012-2052) (old rule)
1057386 FILE Adobe Photoshop Asset Elements Buffer Overflow -2 (CVE-2012-2052) (old rule)
1057387 FILE Adobe Photoshop Asset Elements Buffer Overflow -3 (CVE-2012-2052) (old rule)
1057388 FILE Adobe Photoshop Asset Elements Buffer Overflow -4 (CVE-2012-2052) (old rule)
1057395 WEB Novell ZENworks Asset Management Web Console Information Disclosure -4 (CVE-2012-4933) (old rule)
1057396 WEB Novell ZENworks Asset Management Web Console Information Disclosure -5 (CVE-2012-4933) (old rule)
1057398 WEB Symantec Web Gateway blocked.php Blind SQL Injection -2 (CVE-2012-2574) (old rule)
1057429 SSL OpenSSL AES-NI Integer Underflow -1 (CVE-2012-2686) (old rule)
1057464 EXPLOIT HP Data Protector Express Multiple Opcode Parsing Stack Buffer Overflow -2 (CVE-2012-0121) (old rule)
1057472 EXPLOIT Microsoft Windows Briefcase Integer Underflow Vulnerability -2 (CVE-2012-1527) (old rule)
1057475 EXPLOIT Oracle Java Runtime Bytecode Verifier Cache Code Execution -2 (CVE-2012-1723) (old rule)
1057479 DOS VMware ESX and ESXi Server SOAP Request Handling Denial Of Service -1 (CVE-2012-5703) (old rule)
1057480 DOS VMware ESX and ESXi Server SOAP Request Handling Denial Of Service -2 (CVE-2012-5703) (old rule)
1057484 WEB-CLIENT Quest InTrust AnnotateX.dll Uninitialized Pointer Code Execution Vulnerability -1 (CVE-2012-5896) (old rule)
1057486 EXPLOIT Portable SDK for UPnP Devices libupnp Device Service Name Stack Buffer -2 (CVE-2012-5958) (old rule)