*** EX RELS 03364 Release *** Total number of signatures: 6019 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 9 rule(s): --------------- 1134397 WEB Kaltura Remote PHP Code Execution over Cookie (CVE-2017-14143) 1134399 WEB GoAhead Web Server LD_PRELOAD Arbitrary Module Load (CVE-2017-17562) 1134415 WEB HPE Moonshot Provisioning Manager Appliance server_response Directory Traversal -1.u (CVE-2017-8977) 1134420 WEB Trend Micro Mobile Security Enterprise get_dep_profile id SQL Injection -1.u (CVE-2017-14078) 1134423 WEB AsusWRT LAN Unauthenticated Remote Code Execution 1134425 WEB Node.js Foundation Node.js zlib windowBits Denial of Service -1.1 (CVE-2017-14919) 1134427 WEB ASUS DSL-N14U B1 XXE Vulnerabilities 1160839 TUNNEL OpenVPN access via UDP -4 1160840 TUNNEL OpenVPN access via TCP -5 Modified 2 rule(s): --------------- 1058541 WEB ASUS RT-N66U 3.0.0.4.374_720 - CSRF Vulnerability (OSVDB-98455) 1131593 MISC MSF Generic Payload Delivery Deleted 20 rule(s): --------------- 1054289 VULN Novell iManager getMultiPartParameters unauthorized file upload -1 (old rule) 1054303 WEB-ACTIVEX Siemens Solid Edge SEListCtrlX ActiveX Memory Corruption Vulnerability -1 (BID-60161) (old rule) 1054419 EXPLOIT Citrix Provisioning Services streamprocess.exe Stack buffer overflow (old rule) 1054420 FTP Novell Netware FTP Server DELE Command Stack Buffer Overflow (CVE-2010-4228) (old rule) 1054421 SCADA RealFlex RealWin FC_RFUSER_FCS_LOGIN buffer overflow (old rule) 1054422 SCADA RealFlex RealWin Tag Manipulation buffer overflow -1 (old rule) 1054429 VULN Microsoft .NET Framework XAML Browser applications stack corruption (old rule) 1054480 DB IBM Informix Dynamic Server SET ENVIRONMENT Stack Buffer Overflow (CVE-2011-1033) (old rule) 1054713 NETBIOS Microsoft Windows SMB Negotiate Request Remote code execution (CVE-2009-3103) (old rule) 1054796 WEB HTTP Host Header Buffer Overflow (old rule) 1054827 EXPLOIT Novell ZENworks Configuration Management TFTPD Heap buffer overflow (old rule) 1055152 DB Oracle Database CTXSYS.DRVDISP.TABLEFUNC_ASOWN Buffer Overflow (old rule) 1055195 WEB Sun Java Web Start Plugin Command Line Argument Injection (CVE-2012-0500) (old rule) 1055203 TFTP HP Intelligent Management Center TFTP Server MODE Remote Code Execution (old rule) 1055222 RPC dcerpc general attack -1 (old rule) 1055223 RDP Microsoft Windows Remote Desktop Protocol Memory Corruption -5 (CVE-2012-0002) (old rule) 1055224 LDAP MIT Kerberos KDC LDAP Back Null Pointer Dereference Denial of Service (old rule) 1055243 FILE Microsoft Office Insecure Library Loading -2 (CVE-2014-1756) (old rule) 1055284 EXPLOIT Symantec pcAnywhere Host Services Login Remote Code Execution (CVE-2011-3478) (old rule) 1131554 WEB-CLIENT Suspicious HTML Iframe Tag -4 (old rule)