*** NK8 RELS 3314 Release *** Total number of signatures: 3171 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 5 rule(s): --------------- 1133467 WEB Wordpress 4.7.0/4.7.1 Unauthenticated Content Injection 1133471 WEB-CLIENT Google Chrome Blink ImageBitmap Integer Overflow -1 (CVE-2016-5182) 1133475 WEB VegaDNS axfr_get.php Command Injection -1.u 1133480 EXPLOIT Remote Command Execution via Shell Script -2 1133481 EXPLOIT LibVNCServer LibVNCClient FramebufferUpdate Rectangle Heap Buffer Overflow -1 (CVE-2016-9941) Modified 4 rule(s): --------------- 1130844 WEB ManageEngine Desktop Central Unauthorized Administrative Password Reset -1.a (CVE-2015-2560) 1131197 WEB Novell ZENworks Configuration Management Session ID Information Disclosure -1.a (CVE-2015-0784) 1131279 EXPLOIT Angler Exploit Kit Adobe Flash Download Activity 1133458 WEB HTTP Invalid Content Type Deleted 46 rule(s): --------------- 1054246 LDAP OpenLDAP Modrdn RDN UTF-8 String Code Execution -1 (CVE-2010-0211) (old rule) 1054629 WEB Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow -1 (CVE-2010-3552) (Ransomware Attack Vector) (old rule) 1055049 WEB-CLIENT Microsoft Internet Explorer Invalid Pointer Remote Code Execution -1 (CVE-2010-0806) (old rule) 1055050 WEB-CLIENT Microsoft Internet Explorer Invalid Pointer Remote Code Execution -2 (CVE-2010-0806) (old rule) 1055454 NETBIOS Samba smbd Packets Chaining AndX Offset Infinite Loop -1 (CVE-2012-0870) (old rule) 1056084 DB Oracle Database TNS Listener Service Registration Lack of Authentication (CVE-2012-1675) (old rule) 1056150 EXPLOIT Microsoft Lync Insecure Library Loading -2 (CVE-2012-1849) (old rule) 1056229 EXPLOIT Microsoft Windows Shell File Name Code Execution-2 (CVE-2012-0175) (old rule) 1056251 SAP NetWeaver DiagiEventSource Denial of Service (CVE-2012-2514) (old rule) 1056282 WEB Ruby on Rails Where Hash SQL Injection (CVE-2012-2695) (old rule) 1056288 EXPLOIT HP Operations Agent Opcode Stack Buffer Overflow (CVE-2012-2019) (old rule) 1056352 SMB Microsoft Remote Administration Protocol Heap Buffer Overflow -1 (CVE-2012-1852) (old rule) 1056353 SMB Microsoft Remote Administration Protocol Stack Buffer Overflow (CVE-2012-1853) (old rule) 1056486 WEB InduSoft Web Studio Unauthenticated Insecure Remote Operations -1 (CVE-2011-4051) (old rule) 1056604 EXPLOIT Microsoft .NET Framework Insecure Library Loading -1 (CVE-2012-2519) (old rule) 1056606 EXPLOIT Microsoft .NET Framework Insecure Library Loading -2 (CVE-2012-2519) (old rule) 1057040 SSL Microsoft Windows SSL and TLS Security Feature Bypass -1 (CVE-2013-0013) (old rule) 1057224 WEB-ACTIVEX Honeywell Multiple Products HscRemoteDeploy.dll ActiveX Control Code Execution -1 (CVE-2013-0108) (old rule) 1057306 EXPLOIT Oracle Outside In CorelDRAW File Parser Heap Buffer Overflow (CVE-2013-0418) (old rule) 1057345 SIP Digium Asterisk HTTP Manager Interface Resource Exhaustion -1 (CVE-2013-2686) (old rule) 1057351 SMB Microsoft Windows File Name Parsing Memory Corruption (CVE-2012-4774) (old rule) 1057391 WEB Microsoft Multiple Products HTML Sanitization Cross-site Scripting -1 (CVE-2013-1289) (old rule) 1057429 SSL OpenSSL AES-NI Integer Underflow -1 (CVE-2012-2686) (old rule) 1057614 WEB-ACTIVEX Novell GroupWise Client ActiveX gwmim1.ocx Untrusted Pointer Dereference -1 (CVE-2013-0804) (old rule) 1057620 LDAP Microsoft Windows Active Directory LDAP Denial of Service (CVE-2013-1282) (old rule) 1057651 SCADA 3S Smart Software Solutions CoDeSys Gateway Server Stack Buffer Overflow (CVE-2012-4708) (old rule) 1057667 EXPLOIT Nagios Remote Plugin Executor Arbitrary Command Execution -2 (CVE-2013-1362) (old rule) 1057740 WEB-ACTIVEX Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution -1 (CVE-2013-1559) (old rule) 1057762 WEB MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution (CVE-2013-0230) (old rule) 1057763 EXPLOIT Oracle Java java.sql.DriverManager Sandbox Bypass (CVE-2013-1488) (old rule) 1057796 WEB Apache Struts URL and Anchor tag includeParams OGNL Command Execution -1 (CVE-2013-2115) (old rule) 1057807 WEB phpMyAdmin preg_replace Function Code Injection (CVE-2013-3238) (old rule) 1057838 EXPLOIT Java Applet ProviderSkeleton Insecure Invoke Method -1 (CVE-2013-2460) (old rule) 1057846 DB Oracle MySQL Server Geometry Query Denial Of Service -3 (CVE-2013-1861) (old rule) 1057873 FILE Corel PDF Fusion Stack Buffer Overflow -1 (CVE-2013-3248) (old rule) 1057877 WEB Apache Struts Wildcard Matching OGNL Code Execution -1 (CVE-2013-2134) (old rule) 1057878 WEB Apache Struts Wildcard Matching OGNL Code Execution -2 (CVE-2013-2134) (old rule) 1057919 WEB HP System Management Homepage Command Injection -1 (CVE-2013-3576) (old rule) 1057920 VULN Corel PDF Fusion wintab32.dll Insecure Library Loading -1 (CVE-2013-0742) (old rule) 1057922 WEB PHP php_quot_print_encode Heap Buffer Overflow (CVE-2013-2110) (old rule) 1057924 EXPLOIT HP Data Protector CRS Opcode 235 Stack Buffer Overflow (CVE-2013-2325) (old rule) 1057925 EXPLOIT HP Data Protector CRS Opcode 234 Stack Buffer Overflow (CVE-2013-2326) (old rule) 1057926 EXPLOIT HP Data Protector CRS Opcode 264 Stack Buffer Overflow (CVE-2013-2327) (old rule) 1057940 WEB PHP xml_parse_into_struct Heap Memory Corruption -1 (CVE-2013-4113) (old rule) 1057941 WEB Squid HTTP Host Header Port Handling Denial of Service -1 (CVE-2013-4123) (old rule) 1057959 EXPLOIT HP Data Protector CRS Opcode 215 and 263 Stack Buffer Overflow -1 (CVE-2013-2328) (old rule)