*** NetKeeper 8.560 Release ***

Total number of signatures: 3062

Signature update 8.560 is for NetKeeper series devices.
NK6000 (NK6105, NK6210C/F/G)
NK3500 (NK3520, NK3550)
NK5500
NK5900
NK7210

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Different from the version 8.558 ***

Modify 13 Rules:
--------------------------------------------------------------------
1120193 WEB URI Handler Buffer Overflow - POST -1
1133572 WEB Shell Spawning Attempt via telnetd -1.b
1133723 WEB-CLIENT Mozilla Firefox Table Use After Free -1 (CVE-2017-5404)
1133919 WEB Nginx ngx_http_range_filter_module Integer Overflow -1 (CVE-2017-7529)
1133952 WEB PHP gdImageCreateFromGifCtx Out of Bounds Read -1 (CVE-2017-7890)
1134027 EXPLOIT Trend Micro Control Manager cmdHandlerLicenseManager SQL Injection (CVE-2017-11384)
1134028 EXPLOIT Trend Micro Control Manager cmdHandlerStatusMonitor SQL Injection (CVE-2017-11385)
1134019 WEB Muieblackcat Scanner
1055396 WEB Cross-site Scripting -9
1055107 SHELLCODE Egg Hunter -1
1054965 WEB HTTP Basic Authorization Header Buffer Overflow
1133407 WEB Brute Force Login -1.1021
1066106 MEDIA Youku.com access via TCP -2

Add 71 Rules:
--------------------------------------------------------------------
1134086 FILE Microsoft LNK Remote Code Execution Vulnerability -3 (CVE-2017-8464)
1134080 FILE Windows Kernel Cursor Object Local Information Disclosure
1134029 WEB-CLIENT Microsoft Internet Explorer CVE-2017-0202 Remote Memory Corruption Vulnerability (CVE-2017-0202)
1134038 WEB-CLIENT Microsoft Internet Explorer Recordset Use After Free (CVE-2017-0158)
1134039 FILE Microsoft Windows PDF Library Heap-based Buffer Overflow (CVE-2017-8728)
1134040 WEB-CLIENT Microsoft Internet Explorer CVE-2017-0064 Security Bypass (CVE-2017-0064)
1134042 FILE Adobe Flash Player CVE-2017-3080 Information Disclosure (CVE-2017-3080)
1134045 WEB-CLIENT Microsoft Edge Use After Free -1 (CVE-2017-8652)
1134046 WEB-CLIENT Microsoft Edge Use After Free -2 (CVE-2017-8652)
1134047 WEB-CLIENT Microsoft Edge CVE-2017-8598 Scripting Engine Remote Memory Corruption (CVE-2017-8598)
1134048 WEB-CLIENT Microsoft Internet Explorer CVE-2017-8749 Remote Memory Corruption (CVE-2017-8749)
1134049 WEB-CLIENT Microsoft Edge CVE-2017-8757 Remote Code Execution (CVE-2017-8757)
1134051 WEB-CLIENT Microsoft Edge CVE-2017-8731 Remote Memory Corruption (CVE-2017-8731)
1134052 FILE Adobe Flash Player ActionGetURL2 Out of Bounds Memory Corruption (CVE-2017-2930)
1134054 WEB-CLIENT Microsoft Edge PreVisitCatch Uninitialized Memory Use (CVE-2017-8656)
1134058 WEB-CLIENT Microsoft Edge Chakra arguments Off By One -1 (CVE-2017-8671)
1134059 WEB-CLIENT Microsoft Edge Chakra arguments Off By One -2 (CVE-2017-8671)
1134061 FILE Adobe Flash Player APSB17-04 Multiple Unspecified Memory Corruption (CVE-2017-2988)
1134063 FILE Adobe Flash Player APSB17-04 Multiple Unspecified Memory Corruption (CVE-2017-2993)
1134079 FILE Microsoft Windows PDF Library JPEG2000 Parsing Out of Bounds Write (CVE-2017-0291)
1134091 FILE Microsoft Office OOXML Memory Corruption (CVE-2017-11826)
1134093 SMB Microsoft Windows Search Heap Buffer Overflow -2.1 (CVE-2017-8543)
1134094 SMB Microsoft Windows Search Heap Buffer Overflow -1.1 (CVE-2017-8543)
1134095 SMB Microsoft Windows Search Heap Buffer Overflow -1.2 (CVE-2017-8543)
1134096 SMB Microsoft Windows Search Heap Buffer Overflow -2.2 (CVE-2017-8543)
1134064 WEB-CLIENT Microsoft Internet Explorer Internet Messaging API Information Disclosure -7 (CVE-2016-3298)
1134065 WEB-CLIENT Microsoft Internet Explorer Internet Messaging API Information Disclosure -8 (CVE-2016-3298)
1134085 FILE Microsoft Windows Media Center MCL Code Execution -8 (CVE-2015-2509)
1134030 SCADA Mitsubishi Electric E-Designer SetupAlarm Font Stack Buffer Overflow (CVE-2017-9638)
1134031 SCADA Mitsubishi Electric E-Designer BEComliSlave Status_bit Stack Buffer Overflow (CVE-2017-9638)
1134032 WEB Nginx ngx_http_range_filter_module Integer Overflow -2 (CVE-2017-7529)
1134033 WEB Supervisor XML-RPC Authenticated Remote Code Execution (CVE-2017-11610)
1134034 WEB-CLIENT Mozilla Firefox Table Use After Free -2 (CVE-2017-5404)
1134035 WEB HTTP Host Header Command Injection
1134043 WEB Mongoose Web Server 6.5 Remote Code Execution (CVE-2017-11567)
1134044 FILE Acrobat and Reader addAnnot Use After Free (CVE-2017-11254)
1134053 EXPLOIT HPE Intelligent Management Center imcwlandm Stack Buffer Overflow -1 (CVE-2017-5804)
1134055 EXPLOIT HPE Intelligent Management Center imcwlandm Stack Buffer Overflow -2 (CVE-2017-5804)
1134056 EXPLOIT HPE Intelligent Management Center imcwlandm Stack Buffer Overflow -3 (CVE-2017-5804)
1134057 WEB Netgear ReadyNAS Surveillance Unauthenticated Remote Command Execution
1134060 DB HPE Intelligent Management Center dbman RestoreDBase MSSQL Command Injection (CVE-2017-5817)
1134062 DB HPE Intelligent Management Center dbman RestoreDBase MySQL Command Injection (CVE-2017-5819)
1134067 DNS Dnsmasq 2-byte Heap-Based Overflow (CVE-2017-14491)
1134068 DHCP Dnsmasq Heap-Based Overflow (CVE-2017-14493)
1134069 DNS Dnsmasq Integer Underflow (CVE-2017-14496)
1134070 ICMP Dnsmasq Heap-Based Overflow (CVE-2017-14492)
1134071 DNS Dnsmasq Lack of Free Denial of Service (CVE-2017-14495)
1134072 DHCP Dnsmasq IPv6 Information Leak (CVE-2017-14494)
1134073 DNS Dnsmasq Overly Large DNS Query Denial of Service (CVE-2017-13704)
1134084 WEB PHP gdImageCreateFromGifCtx Out of Bounds Read -2 (CVE-2017-7890)
1134087 SCADA Schneider Electric U.motion Builder nfcserver.php SQL Injection -1 (CVE-2017-7973)
1134092 WEB Apache HTTP PUT jsp File Upload Vulnerability (CVE-2017-12617)
1134041 WEB HPE Intelligent Management Center Apache Commons Collections (ACC) library Insecure Deserialization (CVE-2016-4372)
1134050 EXPLOIT Memcached process_bin_update body_len Integer Overflow -9 (CVE-2016-8705)
1134066 EXPLOIT Cisco Adaptive Security Appliance IKEv1 and IKEv2 Heap Buffer Overflow -3 (CVE-2016-1287)
1133584 WEB-CLIENT Generic XXE Information Disclosure -3
1111273 WEB-ACTIVEX Novell iPrint Client ActiveX Control Multiple Buffer Overflows (CVE-2008-2431)
1133582 WEB-CLIENT Generic XXE Information Disclosure -2
1131194 FTP ProFTPD mod_copy Unauthenticated Remote File Copying -1 (CVE-2015-3306)
1131563 WEB ManageEngine OpManager SubmitQuery IntegrationUser SQL Code Execution -2 (CVE-2015-7766)
1131577 WEB Watchguard XCS Remote Command Execution
1131578 WEB ManageEngine EventLog Analyzer Remote Code Execution -1.a (CVE-2015-7387)
1131646 EXPLOIT X11 Keyboard Command Injection
1131867 WEB Oracle Endeca IDI ETL Server UploadFileConent Directory Traversal
1132062 WEB F5 iControl iCall Script Root Command Execution -1 (CVE-2015-3628)
1132162 EXPLOIT Jenkins CLI RMI Java Deserialization Vulnerability (CVE-2015-8103)
1132197 WEB IBM WebSphere Application Server Commons-Collections Library Remote Code Execution -1 (CVE-2015-7450)
1132248 WEB D-Link DCS-931L Network Camera File Upload (CVE-2015-2049)
1160634 IM AIM/ICQ/iIM access via SSL -5
1160636 MEDIA YouTube access via UDP -5
1160637 MEDIA Youku.com access via TCP -4

Delete 68 Rules:
--------------------------------------------------------------------
1134010 TELNET Brute Force Login -1.1027
1133682 WEB-CLIENT Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0227)
1133683 WEB-CLIENT Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2017-0228)
1133684 WEB-CLIENT Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2017-0238)
1133685 WEB-CLIENT Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2017-0236)
1133686 WEB-CLIENT Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0240)
1133687 FILE Adobe Flash Player DisplayObject Memory Corruption (CVE-2017-3068)
1133688 FILE Adobe Flash Player Memory Corruption Vulnerability (CVE-2017-3069)
1133689 FILE Adobe Flash Player DisplayObject Memory Corruption (CVE-2017-3074)
1133690 FILE Adobe Flash Player Memory Corruption Vulnerability (CVE-2017-3070)
1133692 FILE Adobe Flash Player DisplayObject Memory Corruption (CVE-2017-3072)
1133693 FILE Adobe Flash Player Masking Display Object Use-After-Free (CVE-2017-3071)
1133696 WEB Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow -2 (CVE-2017-7269)
1133701 WEB-CLIENT Microsoft Edge repeat Sign Extension Information Disclosure -1 (CVE-2017-0240)
1133702 WEB-CLIENT Microsoft Edge repeat Sign Extension Information Disclosure -2 (CVE-2017-0240)
1133710 SMB Microsoft Windows SMB Server SMBv1 CVE-2017-0147 Information Disclosure (CVE-2017-0147)
1133712 WEB-CLIENT Microsoft Edge asm.js Type Confusion (CVE-2017-0093)
1133721 SMB Microsoft Windows SMB DataDisplacement Buffer Overflow (CVE-2017-0145)
1133720 SMB Microsoft Windows LSASS Authenticate Message Denial of Service -3 (CVE-2016-7237)
1133697 WEB-CLIENT Cisco WebEx Chrome Extension Remote Code Execution -2 (CVE-2017-3823)
1133704 WEB HPE Intelligent Management Center accessMgrServlet Insecure Deserialization -2 (CVE-2017-5790)
1133660 WEB Western Digital My Cloud Authentication Bypass
1133661 SSL OpenSSL DHE and ECDHE Parameters NULL Pointer Dereference -1 (CVE-2017-3730)
1133662 SSL OpenSSL DHE and ECDHE Parameters NULL Pointer Dereference -2 (CVE-2017-3730)
1133666 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 92 (Ransomware Attack Vector)
1133669 SCADA VIPA Controls WinPLC7 recv Stack-based Buffer Overflow (CVE-2017-5177)
1133670 DNS ISC BIND DNS64 and RPZ Query Processing Denial of Service (CVE-2017-3135)
1133673 WEB Trend Micro Control Manager download.php Information Disclosure
1133675 WEB Trend Micro Control Manager importFile.php Directory Traversal (ZDI-17-060)
1133676 WEB Trend Micro Control Manager Widget importFile.php Directory Traversal (ZDI-17-063)
1133677 WEB Trend Micro Control Manager dlp_policy.php Directory Traversal
1133678 SSL OpenSSL ChaCha20-Poly1305 and RC4-MD5 Integer Underflow -1 (CVE-2017-3731)
1133679 SSL OpenSSL ChaCha20-Poly1305 and RC4-MD5 Integer Underflow -2 (CVE-2017-3731)
1133694 SSL GnuTLS Proxy Certificate Information Extension Memory Corruption (CVE-2017-5334)
1133695 SSL OpenSSL DHE and ECDHE Parameters NULL Pointer Dereference -3 (CVE-2017-3730)
1133703 WEB HPE Intelligent Management Center accessMgrServlet Insecure Deserialization -1 (CVE-2017-5790)
1133706 WEB Dahua IPCam Credentials Leak -2 (CVE-2017-6341)
1133708 WEB GoAhead IPCam Remote Code Execution -1
1133709 TELNET Cisco IOS and IOS XE Software Cluster Management Protocol Denial Of Service Vulnerability (CVE-2017-3881)
1134021 WEB HPE Intelligent Management Center ictExpertDownload Expression Language Injection -1.x (CVE-2017-12500)
1133667 WEB Wordpress Mobile Detector Plugin Remote File Upload -1
1133668 WEB Wordpress Mobile Detector Plugin Remote File Upload -2
1133700 WEB Bluecoat ASG Report Email Remote Command Execution (CVE-2016-9091)
1133711 FILE Nagios Core Local Privilege Escalation (CVE-2016-9566)
1133663 WEB ElasticSearch Unauthenticated Remote Code Execution -2.x (CVE-2015-1427)
1133664 WEB ElasticSearch Unauthenticated Remote Code Execution -3.x (CVE-2015-1427)
1133681 EXPLOIT Multiple Vendors Rpcbind Libtirpc Denail Of Service (CVE-2013-1950)
1133691 WEB Magento Vimeo Invalid Image Cross Site Request Forgery
1133714 WEB Trend Micro Smart Protection Server wcs_bwlists_handler.php Command Injection -1.u
1133715 WEB Trend Micro Smart Protection Server wcs_bwlists_handler.php Command Injection -2
1133722 WEB Trend Micro Smart Protection Server wcs_bwlists_handler.php Command Injection -1.b
1058331 SCADA ABB MicroSCADA wserver.exe Remote Code Execution (OSVDB-100324)
1052275 WEB Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow
1059669 WEB D-Link Multiple Routers HNAP Protocol Security Bypass Vulnerability (BID-37690)
1130407 WEB-ACTIVEX X360 VideoPlayer ActiveX Control 2.6 - Full ASLR and DEP Bypass
1130409 WEB Wordpress Pixabay Images PHP Code Upload (OSVDB-117145)
1130478 EXPLOIT HP Client Automation Command Injection -1 (CVE-2015-1497)
1130480 WEB-CLIENT Javascript Injection for Eval-based Unpackers
1130481 WEB Lenovo Superfish Adware Vulnerability (CVE-2015-2077)
1130536 WEB ElasticSearch Unauthenticated Remote Code Execution -1 (CVE-2015-1427)
1130687 EXPLOIT HP Client Automation Command Injection -3 (CVE-2015-1497)
1130690 WEB-ACTIVEX Oracle Data Quality LoaderWizard DataPreview Type Confusion -1 (ZDI-15-103)
1130691 WEB-ACTIVEX Oracle Data Quality LoaderWizard DataPreview Type Confusion -2 (ZDI-15-103)
1130702 WEB D-Link/TRENDnet NCC Service Command Injection -1 (CVE-2015-1187)
1130703 WEB D-Link/TRENDnet NCC Service Command Injection -2 (CVE-2015-1187)
1130704 WEB D-Link/TRENDnet NCC Service Command Injection -3 (CVE-2015-1187)
1130705 WEB D-Link/TRENDnet NCC Service Command Injection -4 (CVE-2015-1187)
1130858 WEB SixApart MovableType Storable Perl Code Execution (CVE-2015-1592)