*** NK8 RELS 3351 Release ***

Total number of signatures: 3223

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Added 21 rule(s):
---------------
1133761 IMAP Alt-N MDaemon IMAP Server FETCH Command Buffer Overflow (CVE-2008-1358)
1134149 WEB Apache Struts 2 REST Plugin XStream Denial of Service (CVE-2017-9793)
1134150 EXPLOIT VideoLAN VLC Media Player TY processing buffer overflow -2 (CVE-2008-4654)
1134151 SVN Apache Subversion svn-ssh URL Command Execution -1 (CVE-2017-9800)
1134155 FTP Ayukov NFTP FTP Client Buffer Overflow (CVE-2017-15222)
1134157 WEB Apache Tomcat HTTP PUT Remote Code Execution -1.2 (CVE-2017-12617)
1134158 RADIUS FreeRADIUS rad_coalesce Out of Bounds Read (CVE-2017-10979)
1134159 DHCP FreeRADIUS fr_dhcp_attr2vp Integer Underflow Out of Bounds Read (CVE-2017-10986)
1134162 EXPLOIT strongSwan gmp Plugin Denial of Service (CVE-2017-11185)
1134163 EXPLOIT Trend Micro Control Manager cmdHandlerStatusMonitor SQL Injection (CVE-2017-11385)
1134168 FILE Microsoft Windows Uniscribe Remote Code Execution Vulnerability (CVE-2017-0072)
1134170 DHCP Dnsmasq Heap-Based Overflow -1.2 (CVE-2017-14493)
1134173 WEB Trend Micro Mobile Security Enterprise eas_agent_sync_client_info slink_id SQL Injection -1 (CVE-2017-14078)
1134175 SCADA Advantech WebAccess rmTemplate.aspx SQL Injection (CVE-2017-12710)
1134178 DNS NSmasq answer_auth and answer_request Integer Underflow -2 (CVE-2017-13704)
1134179 FILE Microsoft Windows Uniscribe Remote Code Execution Vulnerability (CVE-2017-0088)
1134180 WEB phpMyAdmin setup.php PHP Code Injection (CVE-2009-1151)
1134182 WEB-CLIENT CoinHive Mining Attempt
1134187 SIP Digium Asterisk non-SIP URIs Denial-of-Service (CVE-2017-14098)
1134191 SIP Digium Asterisk app_minivm Caller-ID Command Execution (CVE-2017-14100)
1134192 WEB Oracle Identity Manager authentication bypass (CVE-2017-10151)

Modified 4 rule(s):
---------------
1110895 WEB-CLIENT WScript.Shell Remote Code Execution -1 (Ransomware Attack Vector)
1133964 WEB Apache Struts 2 REST plugin Remote Code Execution (CVE-2017-9805)
1134068 DHCP Dnsmasq Heap-Based Overflow -1.1 (CVE-2017-14493)
1134073 DNS NSmasq answer_auth and answer_request Integer Underflow -1 (CVE-2017-13704)

Deleted 8 rule(s):
---------------
1130215 FILE Microsoft Windows OLE Packer Remote Code Execution -2 (CVE-2014-6352) (old rule)
1130219 WEB-CLIENT Samsung Galaxy KNOX Android Browser Remote Code Execution (OSVDB-114590) (old rule)
1130221 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability -2 (CVE-2014-4050) (old rule)
1130224 RPC Drupal Core XML-RPC Endpoint xmlrpc.php Tags Denial of Service -2 (CVE-2014-5266) (old rule)
1130227 WEB PHP Fileinfo cdf_read_property_info Denial of Service (CVE-2014-3587) (old rule)
1130235 WEB Pandora FMS SQLi Remote Code Execution (old rule)
1130237 WEB HP System Management Homepage red2301.html RedirectUrl Cross Site Scripting (CVE-2014-2640) (old rule)
1130243 WEB-CLIENT Microsoft Internet Explorer CTitleElement Use After Free (old rule)