*** NK8 RELS 3322 Release ***

Total number of signatures: 3177

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Added 18 rule(s):
---------------
1133578 WEB GoAhead system.ini Information Disclosure Vulnerability (CVE-2017-5674)
1133588 EXPLOIT Memcached process_bin_update body_len Integer Overflow -7 (CVE-2016-8705)
1133589 EXPLOIT Memcached process_bin_update body_len Integer Overflow -8 (CVE-2016-8705)
1133597 WEB-ACTIVEX Microsoft Windows DirectShow Information Disclosure -1 (CVE-2017-0042)
1133601 WEB b374k WEB Shell Activity -1
1133603 WEB b374k WEB Shell Activity -2
1133604 WEB-ACTIVEX Microsoft Windows DirectShow Information Disclosure -1 (CVE-2017-0042)
1133605 WEB Moxa MXview Private Key Disclosure Vulnerability (CVE-2017-7455)
1133606 EXPLOIT Memcached process_bin_sasl_auth Integer Underflow -2 (CVE-2016-8706)
1133607 MALWARE Suspicious IoT Worm TELNET Activity -4
1133608 WEB Trend Micro InterScan Web Security ManagePatches filename Remote Code Execution (ZDI-16-348)
1133609 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 89 (Ransomware Attack Vector)
1133610 WEB Trend Micro SafeSync for Enterprise restartService Command Injection -1 (ZDI-17-130)
1133611 WEB Trend Micro SafeSync for Enterprise restartService Command Injection -2 (ZDI-17-130)
1133612 WEB Trend Micro Control Manager lang Parameter Arbitrary File Inclusion (ZDI-17-069)
1160201 MEDIA YouTube access via UDP -4
1160202 MEDIA Youku.com access via SSL -1
1160203 MEDIA Youku.com access via SSL -2

Modified 11 rule(s):
---------------
1059958 WEB Directory Traversal -27
1065542 MEDIA Youku.com media via TCP -3
1066103 MEDIA Youku.com login via SSL -1
1068405 MEDIA Youku.com media via TCP -6
1068664 MEDIA YouTube access via UDP -2
1131155 WEB-CLIENT WScript.Shell Remote Code Execution -3
1132235 FILE Adobe Flash DomainMemory Integer Overflow -3 (CVE-2015-8651)
1132853 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 75 (Ransomware Attack Vector)
1133205 WEB SQL injection attempt -82
1133409 EXPLOIT Memcached process_bin_sasl_auth Integer Underflow -1 (CVE-2016-8706)
1133594 FILE Microsoft Office/WordPad Remote Code Execution Vulnerability (CVE-2017-0199)

Deleted 43 rule(s):
---------------
1058382 LDAP OpenLDAP rwm Overlay Denial of Service -1 (CVE-2013-4449) (old rule)
1058385 LDAP HylaFAXplus LDAP Authentication User Name Buffer Overflow (CVE-2013-5680) (old rule)
1058425 DOS GNOME Vino VNC Server Denial of Service -1 (CVE-2013-5745) (old rule)
1058427 WEB HP Intelligent Management Center SOM sdFileDownload Information Disclosure -1 (CVE-2013-4826) (old rule)
1058441 EXPLOIT Microsoft Access CVE-2013-3157 Memory Corruption (CVE-2013-3157) (old rule)
1058442 WEB Oracle BPEL Process Manager ScriptServlet Information Disclosure (CVE-2013-3828) (old rule)
1058446 WEB Nagios core CGI Process_cgivars Off-By-One -1 (CVE-2013-7108) (old rule)
1058507 EXPLOIT Watermark Master wstyle File Handling Buffer Overflow Vulnerability (CVE-2013-6937) (old rule)
1058519 EXPLOIT HP Data Protector Opcode 42 Directory Traversal -1 (CVE-2013-6194) (old rule)
1058540 EXPLOIT ASUS RT-AC66U acsd Param - Remote Root Shell Exploit (CVE-2013-4659) (old rule)
1058560 SIP IBM Lotus Sametime WebPlayer DoS (CVE-2013-3986) (old rule)
1058570 WEB-ACTIVEX WellinTech Multiple Products kxClientDownload ActiveX Remote Code Execution (CVE-2013-2827) (old rule)
1058702 FILE Adobe Flash Player Unspecified Memory Corruption -1 (CVE-2013-3345) (old rule)
1058714 FILE Adobe Reader AcroForm.api RLE Encoded BMP File Handling Integer Overflow -1 (CVE-2013-2729) (old rule)
1058765 FILE Adobe Acrobat and Reader Unspecified Memory Corruption (CVE-2013-3354) (old rule)
1058766 FILE Adobe Acrobat and Reader Unspecified Stack Overflow -1 (CVE-2013-0626) (old rule)
1058911 VULN HP Data Protector Backup Client Service Remote Code Execution -1 (CVE-2013-2347) (old rule)
1059417 WEB Apache Tomcat Large Chunked Transfer Denial of Service -1 (CVE-2013-4322) (old rule)
1059475 WEB Splunk collect file Directory Traversal (CVE-2013-6771) (old rule)
1059481 EXPLOIT Oracle Java SE GSUB ReqFeatureIndex Buffer Overflow (CVE-2013-5907) (old rule)
1059614 SIP Yealink VoIP Phone SIP-T38G - Remote Command Execution (CVE-2013-5758) (old rule)
1059622 EXPLOIT Kerberos Cross-Realm Referrals KDC NULL Pointer Dereference Denial of Service -2 (CVE-2013-1417) (old rule)
1059624 EXPLOIT HP LeftHand Virtual SAN Appliance Remote Arbitrary Code Execution Vulnerability (CVE-2013-2343) (old rule)
1059625 VULN HP Data Protector Backup Client Service Remote Code Execution -2 (CVE-2013-2347) (old rule)
1059627 EXPLOIT HP Data Protector Opcode 45 and 46 Code Execution -5 (CVE-2013-2348) (old rule)
1059628 EXPLOIT HP Data Protector Opcode 45 and 46 Code Execution -6 (CVE-2013-2348) (old rule)
1059629 EXPLOIT Oracle Java JPEGImageWriter Memory Corruption (CVE-2013-2429) (old rule)
1059630 EXPLOIT Oracle Java and JavaFX JPEGImageReader Memory Corruption (CVE-2013-2430) (old rule)
1059639 WEB-ACTIVEX Mitsubishi MCWorkX ActiveX Control File Execution -1 (CVE-2013-2817) (old rule)
1059640 WEB-ACTIVEX Mitsubishi MCWorkX ActiveX Control File Execution -2 (CVE-2013-2817) (old rule)
1059706 WEB HP AutoPass License Server File Upload (CVE-2013-6221) (old rule)
1130117 WEB Apache HTTP Server mod_cache Denial of Service (CVE-2013-4352) (old rule)
1130199 EXPLOIT Microsoft Silverlight Remote Code Execution -1 (CVE-2013-0074) (old rule)
1130379 FILE Adobe Reader acroform api with Sandbox Bypass Exploit (CVE-2013-0641) (old rule)
1130388 EXPLOIT Oracle Java 2D ImagingLib Integer Overflow -2 (CVE-2013-1493) (old rule)
1130389 EXPLOIT Oracle Java Final Field Overwrite -3 (CVE-2013-2423) (old rule)
1130394 EXPLOIT Oracle Java IntegerInterleavedRaster Signed Integer Overflow (CVE-2013-2471) (old rule)
1130395 EXPLOIT Java Applet ProviderSkeleton Insecure Invoke Method -3 (CVE-2013-2460) (old rule)
1133458 WEB-CLIENT JavaScript Heap Exploitation -3 (old rule)
1133509 WEB-CLIENT JavaScript Heap Exploitation -4.1 (old rule)
1133510 WEB-CLIENT JavaScript Heap Exploitation -5.1 (old rule)
1133511 WEB-CLIENT JavaScript Heap Exploitation -6.1 (old rule)
1133512 WEB-CLIENT JavaScript Heap Exploitation -13 (old rule)