*** NK8 RELS 3312 Release ***

Total number of signatures: 3202

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Added 21 rule(s):
---------------
1130588 POP3 Brute Force Login
1133407 WEB Brute Force Login -1
1133408 WEB Brute Force Login -2
1133421 WEB-CLIENT Microsoft Windows OLE Automation Array Remote Code Execution Vulnerability -8 (CVE-2014-6332)
1133428 NTP Network Time Protocol Daemon read_mru_list Denial of Service -1 (CVE-2016-7434)
1133432 VIRUS Eicar test string -4
1133435 WEB Trend Micro Smart Protection Server ccca_ajaxhandler.php Command Injection -1 (CVE-2016-6266)
1133438 WEB-CLIENT Cisco WebEx Chrome Extension Remote Code Execution (CVE-2017-3823)
1133441 WEB-CLIENT Generic Javascript Obfuscation -14
1133442 WEB-CLIENT Microsoft IE MIME Header Attachment Execution Vulnerability -1 (CVE-2001-0154)
1133443 WEB-CLIENT Microsoft IE MIME Header Attachment Execution Vulnerability -2 (CVE-2001-0154)
1133444 WEB-CLIENT Microsoft IE MIME Header Attachment Execution Vulnerability -3 (CVE-2001-0154)
1133445 WEB-CLIENT Microsoft IE MIME Header Attachment Execution Vulnerability -4 (CVE-2001-0154)
1133446 WEB-CLIENT Microsoft IE MIME Header Attachment Execution Vulnerability -5 (CVE-2001-0154)
1133448 WEB Multiple NETGEAR Products Information Disclosure Vulnerability (CVE-2017-5521)
1133449 SMB Microsoft SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability (CVE-2017-0016)
1133451 WEB Cross-site Scripting -36
1133453 SSH D-Link DWR-932B Backdoor Access -1 (CVE-2016-10177)
1133454 SSH D-Link DWR-932B Backdoor Access -2 (CVE-2016-10177)
1160101 IM AIM/ICQ/iIM access via SSL -4
1160102 IM Gadu-Gadu access via SSL -1

Modified 13 rule(s):
---------------
1053205 IM Gadu-Gadu login via TCP -2
1053286 STOCK Qianlong login via TCP -1
1059594 WEB ElasticSearch Dynamic Script Arbitrary Java Execution (CVE-2014-3120)
1064162 IM QQ/TM login via UDP -1
1132120 WEB Generic Remote Javascript Upload and Execution -2.a
1132591 TELNET Brute Force Login
1133214 WEB-CLIENT Microsoft Scripting Engine Memory Corruption Vulnerability -1 (CVE-2016-7242)
1133293 FILE Microsoft Windows Graphics Component CVE-2016-7272 Remote Code Execution (CVE-2016-7272)
1133295 WEB-CLIENT Microsoft Internet Explorer CWigglyShape Information Disclosure (CVE-2016-7283)
1133374 WEB Zyxel P660HN-T v1 Router Unauthenticated Remote Command Execution
1133375 WEB Zyxel P660HN-T v2 Router Unauthenticated Remote Command Execution
1133376 WEB Billion 5200W-T Router Unauthenticated Remote Command Execution
1133377 WEB Billion 5200W-T Router Authenticated Remote Command Execution

Deleted 22 rule(s):
---------------
1052289 TUNNEL LogMeIn login via UDP -1 (old rule)
1052904 TUNNEL LogMeIn login via SSL -1 (old rule)
1053085 MEDIA Freecast login via TCP -1 (old rule)
1053091 P2P Soulseek connect via TCP -1 (old rule)
1053098 P2P KCeasy connect via TCP -1 (old rule)
1053721 IM BaiduHi login via TCP -1 (old rule)
1053722 IM Teltel login via SSL -1 (old rule)
1053728 IM IMI login via TCP -1 (old rule)
1063222 P2P Soulseek transfer-download via TCP -1 (old rule)
1063510 MEDIA 6.cn access via TCP -1 (old rule)
1065428 MEDIA 6.cn media via TCP -1 (old rule)
1065937 TUNNEL FreeSafeIP connect via SSL -1 (old rule)
1065942 TUNNEL LogMeIn access via TCP -1 (old rule)
1065943 TUNNEL LogMeIn access via TCP -2 (old rule)
1066142 MEDIA 6.cn login via TCP -1 (old rule)
1066143 MEDIA 6.cn media via TCP -2 (old rule)
1066144 MEDIA 6.cn access via TCP -2 (old rule)
1066145 MEDIA 6.cn transfer-download via TCP -1 (old rule)
1067947 IM ECP login via TCP -1 (old rule)
1067962 TUNNEL LogMeIn access via SSL -1 (old rule)
1068832 TUNNEL Hola connect via TCP -1 (old rule)
1068833 TUNNEL Hola connect via SSL -1 (old rule)