*** NetKeeper 8.548 Release ***

Total number of signatures: 3062

Signature update 8.548 is for NetKeeper series devices:
NK6000 (NK6105, NK6210C/F/G)
NK3500 (NK3520, NK3550)
NK5500
NK5900
NK7210

Description
==================================================================
This signature update addresses the following exploits/vulnerabilities and applications.

Changes from version 8.546:

Modify 16 Rules:
--------------------------------------------------------------------
1120193 WEB URI Handler Buffer Overflow - POST -1
1133716 SMB Microsoft MS17-010 SMB Remote Code Execution -5
1133465 WEB OpenBSD http server Denial of Service Vulnerability (CVE-2017-5850)
1133570 WEB PHPMailer Remote Code Execution -1.2 (CVE-2016-10033)
1133644 WEB Disk Sorter Enterprise GET Buffer Overflow
1133579 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability -2 (CVE-2017-0059)
1133585 FILE Adobe Acrobat ImageConversion PCX Parsing Out-Of-Bounds Write (CVE-2017-3036)
1133709 TELNET Cisco IOS and IOS XE Software Cluster Management Protocol Denial Of Service Vulnerability (CVE-2017-3881)
1133667 WEB Wordpress Mobile Detector Plugin Remote File Upload -1
1133668 WEB Wordpress Mobile Detector Plugin Remote File Upload -2
1133601 WEB b374k WEB Shell Activity -1
1133603 WEB b374k WEB Shell Activity -2
1055106 WEB PHP Arbitrary Code Injection -1.a
1120000 WEB URI Handler Buffer Overflow - GET -1
1132836 WEB Remote Command Execution via Python -2.a
1133385 WEB PHPMailer Remote Code Execution -1.1 (CVE-2016-10045)

Add 39 Rules:
--------------------------------------------------------------------
1133762 WEB URI Handler Buffer Overflow - GET -7
1133763 WEB URI Handler Buffer Overflow - POST -3
1133738 WEB Windows Powershell Remote Command Injection -1 (CVE-2013-3763)
1133729 WEB PHPMailer Remote Code Execution -1.2 (CVE-2016-10045)
1133726 WEB Dup Scout Enterprise GET Buffer Overflow
1133727 WEB URI Handler Buffer Overflow - GET -6
1133728 WEB Directory Traversal in Cookies
1133764 WEB Kaltura Remote PHP Code Execution
1133769 WEB ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection (CVE-2014-3996)
1133730 WEB-CLIENT Microsoft Edge Frame Elements Same Origin Policy Bypass (CVE-2017-0066)
1133731 WEB-CLIENT Microsoft Edge CVE-2017-0070 Getter Use After Free -1 (CVE-2017-0070)
1133732 WEB-CLIENT Microsoft Edge CVE-2017-0070 Getter Use After Free -2 (CVE-2017-0070)
1133744 WEB-CLIENT Microsoft NTFS Device Access Denial of Service
1133748 FILE Adobe Acrobat and Reader JPEG2000 Parsing Out of Bounds Read (CVE-2017-3045)
1133758 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability -1 (CVE-2017-0059)
1133723 WEB-CLIENT Mozilla Firefox Table Use After Free (CVE-2017-5404)
1133724 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 93 (Ransomware Attack Vector)
1133725 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 94 (Ransomware Attack Vector)
1133735 SMB Samba is_known_pipename Arbitrary Module Load Remote Code Execution (CVE-2017-7494)
1133737 WEB Splunk Enterprise alerts alerts_id Server-Side Request Forgery
1133740 EXPLOIT HPE Intelligent Management Center RMI Registry Insecure Deserialization -1 (CVE-2017-5792)
1133741 EXPLOIT HPE Intelligent Management Center RMI Registry Insecure Deserialization -2 (CVE-2017-5792)
1133742 EXPLOIT HPE Intelligent Management Center RMI Registry Insecure Deserialization -3 (CVE-2017-5792)
1133743 EXPLOIT HPE Intelligent Management Center RMI Registry Insecure Deserialization -4 (CVE-2017-5792)
1133746 DB Oracle MySQL Auth Password Integer Overflow (CVE-2017-3599)
1133750 WEB Exponent CMS eaasController.php api Function SQL Injection Vulnerabilities -1.a (CVE-2017-7991)
1133751 WEB Exponent CMS eaasController.php api Function SQL Injection Vulnerabilities -1.x (CVE-2017-7991)
1133754 NTP Network Time Protocol Daemon peer_xmit mode Denial of Service (CVE-2017-6464)
1133755 SIP Digium Asterisk CDR ast_cdr_setuserfield Buffer Overflow (CVE-2017-7617)
1133767 WEB HPE Intelligent Management Center accessMgrServlet Insecure Deserialization -1 (CVE-2017-5790)
1133768 EXPLOIT HPE LoadRunner and Performance Center libxdrutil.dll mxdr_string Heap Buffer Overflow (CVE-2017-5789)
1133753 WEB PHP phar_parse_pharfile Function filename_len Property Integer Overflow (CVE-2016-10159)
1133760 WEB Oracle WebLogic Server Apache-Commons-FileUpload Library Insecure Deserialization (CVE-2013-2186)
1133766 WEB NetDecision 4.5.1 HTTP Server Buffer Overflow (CVE-2012-6096)
1133733 WEB Trend Micro SafeSync for Enterprise deviceTool.pm devid Command Injection -1
1133734 WEB Trend Micro SafeSync for Enterprise deviceTool.pm devid Command Injection -2
1133756 WEB Trend Micro SafeSync for Enterprise rollback Command Injection -1
1133757 WEB Trend Micro SafeSync for Enterprise rollback Command Injection -2
1160399 MAIL Gmail access via UDP -1

Delete 38 Rules:
--------------------------------------------------------------------
1133396 FILE Adobe Flash Player Heap Overflow (CVE-2017-2933)
1133397 FILE Adobe Acrobat Reader Buffer Overflow (CVE-2017-2948)
1133398 FILE Adobe Acrobat Reader Heap Overflow (CVE-2017-2949)
1133399 FILE Adobe Acrobat ImageConversion TIFF Heap-based Buffer Overflow (CVE-2017-2966)
1133394 WEB-CLIENT Microsoft Edge Chakra Array.shift Type Confusion -1.1 (CVE-2016-7201)
1133395 WEB-CLIENT Microsoft Edge Chakra Array.shift Type Confusion -1.2 (CVE-2016-7201)
1132946 FILE Adobe Flash AS2 TextField gridFitType Use-After-Free Remote Code Execution (CVE-2015-7652)
1133378 FILE Adobe Flash DisplacementMapFilter MapBitmap Use-After-Free Vulnerability -1 (CVE-2015-5127)
1133379 FILE Adobe Flash DisplacementMapFilter MapBitmap Use-After-Free Vulnerability -2 (CVE-2015-5127)
1133382 FILE Adobe Flash Player MovieClip Use-After-Free Vulnerability -2 (CVE-2015-5130)
1133383 FILE Adobe Flash Player XML Bad Write Memory Corruption Vulnerability -2 (CVE-2015-5549)
1133384 FILE Adobe Flash Player XML Bad Write Memory Corruption Vulnerability -3 (CVE-2015-5549)
1133386 FILE Adobe Flash MovieClip attachMovie Use-After-Free (CVE-2015-5551)
1133357 EXPLOIT Microsoft .NET Framework Heap Buffer Overflow -1 (CVE-2012-0163)
1133361 WEB-CLIENT Microsoft Internet Explorer Uninitialized memory corruption -3 (CVE-2012-1522)
1133366 FILE Microsoft Office Works File Converter Heap Overflow -3 (CVE-2012-0177)
1133368 WEB-CLIENT Microsoft Windows Object Packager Insecure Executable Loading -2 (CVE-2012-0009)
1133360 FILE Adobe Flash Player MP4 Sequence Parameter Set Parsing Buffer Overflow -2 (CVE-2011-2140)
1133365 WEB Microsoft ASP.NET Forms Authentication Insecure Redirect -2 (CVE-2011-3415)
1133389 WEB Netgear WNR2000v5 Remote Code Execution Vulnerability
1133390 WEB 3CX Phone System VAD_Deploy.aspx Arbitrary File Upload
1133391 WEB FreePBX Framework hotelwakeup Module Directory Traversal
1133392 WEB FreePBX Framework remotemod Remote Command Execution
1133401 NTP ntp.org Network Time Protocol Windows Daemon getEndptFromIoCtx Denial of Service (CVE-2016-9312)
1133403 WEB Joomla! CMS Policy Bypass and Privilege Escalation Vulnerabilities (CVE-2016-8869)
1133380 EXPLOIT MIT Kerberos 5 kadmind KADM5_POLICY Denial of Service (CVE-2015-8630)
1133400 WEB SearchBlox Multiple Authentication Bypass Vulnerabilities -4 (CVE-2015-7919)
1133359 WEB IBM Tivoli Endpoint Manager Web Reports ScheduleParam Cross-site Scripting (CVE-2012-0719)
1133362 FILE Oracle Outside In OOXML Relationship Tag Parsing Stack Buffer Overflow (ZDI-12-017)
1133363 EXPLOIT Oracle Java Runtime Bytecode Verifier Cache Code Execution -4 (CVE-2012-1723)
1133364 WEB Oracle GlassFish Enterprise Server REST Interface Cross Site Request Forgery -2 (CVE-2012-0550)
1133367 Oracle GlassFish Enterprise Server Multiple Reflected Cross Site Scripting Vulnerabilities (CVE-2012-0551)
1133358 WEB-ACTIVEX IBM Rational Rhapsody BB FlashBack FBRecorder Multiple Vulnerabilities (CVE-2011-1388)
1133393 WEB WSO WEB Shell Activity
1059583 SCADA Advantech WebAccess SCADA webvact.ocx AccessCode Buffer Overflow -1 (CVE-2014-0768)
1059584 SCADA Advantech WebAccess SCADA webvact.ocx AccessCode Buffer Overflow -2 (CVE-2014-0768)
1059594 WEB ElasticSearch Dynamic Script Arbitrary Java Execution (CVE-2014-3120)
1059617 WEB Easy File Management Web Server Stack Buffer Overflow (BID-67542)