*** NK8 RELS 3327 Release *** Total number of signatures: 3193 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 6 rule(s): --------------- 1133710 SMB Microsoft Windows SMB Server SMBv1 CVE-2017-0147 Information Disclosure (CVE-2017-0147) 1133713 SMB MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption (CVE-2017-0146) 1133716 SMB Microsoft MS17-010 SMB Remote Code Execution -5 1133717 MISC BitMonero Mining Activity 1133718 SMB Microsoft Windows SMB NT Rename and Trans Secondary Buffer Overflow (CVE-2017-0146) 1133721 SMB Microsoft Windows SMB DataDisplacement Buffer Overflow (CVE-2017-0145) Modified 5 rule(s): --------------- 1056085 EXPLOIT Remote Command Execution via Perl -2 1133449 SMB Microsoft SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability (CVE-2017-0016) 1133637 SMB Microsoft MS17-010 SMB Remote Code Execution -3 1133638 SMB Microsoft MS17-010 SMB Remote Code Execution -4 1133696 WEB Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow -2 (CVE-2017-7269) Deleted 25 rule(s): --------------- 1058061 WEB-CLIENT Microsoft Windows Theme File Code Execution (CVE-2013-0810) (old rule) 1058108 WEB Microsoft .NET Framework Entity Expansion Vulnerability (CVE-2013-3860) (old rule) 1058175 WEB HP Intelligent Management Center BIMS UploadServlet Directory Traversal -1 (CVE-2013-4822) (old rule) 1058184 WEB Windows Powershell Remote Command Injection -2 (CVE-2013-3763) (old rule) 1058191 SMTP Microsoft Outlook MIME Email Message Parsing Remote Code Execution -1 (CVE-2013-3870) (old rule) 1058196 WEB-ACTIVEX HP LoadRunner WriteFileString Directory Traversal (CVE-2013-4798) (old rule) 1058197 SSL HP LoadRunner XDR Data Handling Heap Buffer Overflow (CVE-2013-4799) (old rule) 1058206 EXPLOIT Oracle Java java.awt.image.ByteComponentRaster Memory Corruption (CVE-2013-2473) (old rule) 1058215 FILE Microsoft Windows and Office TIFF Handling GDI Memory Corruption -4 (CVE-2013-3906) (old rule) 1058287 EXPLOIT Oracle Java sun.awt.image.ImagingLib.lookupByteBI Buffer Overflow (CVE-2013-2463) (old rule) 1058307 WEB Apache Struts Wildcard Matching OGNL Code Execution -4 (CVE-2013-2134) (old rule) 1058314 FILE Apple Quicktime 7 Invalid Atom Length Buffer Overflow -2 (CVE-2013-1017) (old rule) 1058334 WEB Cisco Prime Data Center Network Manager Arbitrary File Upload -1 (CVE-2013-5486) (old rule) 1058430 WEB vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload (CVE-2013-3214) (old rule) 1058936 FILE Microsoft Windows and Office TIFF Handling GDI Memory Corruption -2 (CVE-2013-3906) (old rule) 1058937 FILE Microsoft Windows and Office TIFF Handling GDI Memory Corruption -3 (CVE-2013-3906) (old rule) 1059104 WEB Apache Camel XSLT Component Java Code Execution (CVE-2014-0003) (old rule) 1059139 WEB McAfee ePolicy Orchestrator XML External Entity -1 (CVE-2014-2205) (old rule) 1059142 WEB PHP Fileinfo Call Stack Exhaustion Denial of Service (CVE-2014-1943) (old rule) 1059144 SSL Apple Products SSLVerifySignedServerKeyExchange Security Feature Bypass (CVE-2014-1266) (old rule) 1059147 FILE Poster Software PUBLISH-iT PUI File Processing Buffer Overflow -1 (CVE-2014-0980) (old rule) 1059148 FILE Poster Software PUBLISH-iT PUI File Processing Buffer Overflow -2 (CVE-2014-0980) (old rule) 1059648 WEB VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload -2 (CVE-2013-3520) (old rule) 1059814 DB Oracle Database Server LpxFSMSax QName Stack Buffer Overflow (CVE-2013-3751) (old rule) 1130562 SSL HP LoadRunner magentproc.exe Stack Buffer Overflow -3 (CVE-2013-4800) (old rule)