*** EX RELS 03401 Release ***

Total number of signatures: 6007

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Added 12 rule(s):
---------------
1057889 WEB D-Link Devices UPnP SOAP Command Execution (BID-61005)
1058004 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3209)
1058008 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3845)
1058111 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3886)
1058112 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3885)
1058116 SSL HP LoadRunner magentproc.exe Stack Buffer Overflow -1 (CVE-2013-4800)
1135055 WEB-CLIENT Windows Powershell Remote Command Injection -3 (Possible Exploit Kit)
1135058 WEB-CLIENT Windows Powershell Remote Command Injection -5 (Possible Exploit Kit)
1135062 WEB Apache Pluto PortletV3AnnotatedDemo MultipartPortlet Arbitrary File Upload -1 (CVE-2018-1306)
1135065 WEB-ACTIVEX G DATA Total Security Activex Buffer Overflow (CVE-2018-10018)
1135067 WEB SQL Injection Attempt -89
1135068 LDAP Red Hat 389 Directory Server vslapd_log_emergency_error Denial of Service (CVE-2018-14624)

Modified 7 rule(s):
---------------
1064428 FILE WebFileTransfer img transfer-download via TCP -1
1064429 FILE WebFileTransfer rpm transfer-download via TCP -1
1066225 FILE WebFileTransfer transfer-upload via TCP -1
1068326 FILE WebFileTransfer gho transfer-download via TCP -1
1068329 FILE WebFileTransfer transfer-download via TCP -1
1135023 WEB-CLIENT Windows Powershell Remote Command Injection -1 (Possible Exploit Kit)
1135024 WEB-CLIENT Windows Powershell Remote Command Injection -2 (Possible Exploit Kit)

Deleted 54 rule(s):
---------------
1057212 EXPLOIT Portable SDK for UPnP Devices libupnp Device Service Name Stack Buffer -1 (CVE-2012-5958) (old rule)
1057226 FILE VideoLAN VLC Media Player PNG Code Execution (CVE-2012-5470) (old rule)
1057716 IMAP SurgeMail IMAP Service APPEND Command Remote Buffer Overflow (old rule)
1057717 EXPLOIT Sybase M-Business Anywhere agSoap.exe Malformed SOAP Request Remote Code Execution (old rule)
1057733 WEB Nginx ngx_http_parse_chunked Buffer Overflow -2 (CVE-2013-2028) (old rule)
1057735 WEB D-Link DIR615h OS Command Injection (BID-57882) (old rule)
1057737 WEB Linksys WRT160nv2 apply.cgi Remote Command Injection (BID-57887) (old rule)
1057742 FILE Adobe Flash 9/10 ASnative NULL Pointer Dereference -1 (old rule)
1057809 WEB-ACTIVEX McAfee Virtual Technician ActiveX Control Insecure Method Exposure -2 (CVE-2012-5879) (old rule)
1057811 WEB-ACTIVEX IBM SPSS SamplePower c1sizer ActiveX Control Buffer Overflow -1 (CVE-2012-5946) (old rule)
1057812 WEB-ACTIVEX IBM SPSS SamplePower Vsflex7l ActiveX Control Buffer Overflow -1 (CVE-2012-5947) (old rule)
1057817 WEB HP Intelligent Management Center UAM acmServletDownload Information Disclosure (CVE-2012-5211) (old rule)
1057818 SYSLOG HP Intelligent Management Center SyslogDownloadServlet Information Disclosure (CVE-2012-5206) (old rule)
1057819 VULN 3S Smart Software Solutions CoDeSys Gateway Server Denial Of Service (CVE-2012-4707) (old rule)
1057820 EXPLOIT 3S Smart Software Solutions CoDeSys Gateway Server Heap Buffer Overflow (CVE-2012-4706) (old rule)
1057823 EXPLOIT Cisco Prime LAN Management Solution Remote Command Execution -2 (CVE-2012-6392) (old rule)
1057824 EXPLOIT Cisco Prime LAN Management Solution Remote Command Execution -3 (CVE-2012-6392) (old rule)
1057825 DB Oracle Database O5Logon Protocol Information Disclosure (CVE-2012-3137) (old rule)
1057833 VULN 3S Smart Software Solutions CoDeSys Gateway Server Directory Traversal -1 (CVE-2012-4705) (old rule)
1057838 EXPLOIT Java Applet ProviderSkeleton Insecure Invoke Method -1 (CVE-2013-2460) (old rule)
1057846 DB Oracle MySQL Server Geometry Query Denial Of Service -3 (CVE-2013-1861) (old rule)
1057849 WEB Microsoft Multiple Products HTML Sanitization Cross-site Scripting -2 (CVE-2013-1289) (old rule)
1057859 DNS ISC BIND Regular Expression Handling Denial of Service -2 (CVE-2013-2266) (old rule)
1057873 FILE Corel PDF Fusion Stack Buffer Overflow -1 (CVE-2013-3248) (old rule)
1057876 SSL GnuTLS TLS Record Decoding Out-of-bounds Memory Access (CVE-2013-2116) (old rule)
1057877 WEB Apache Struts Wildcard Matching OGNL Code Execution -1 (CVE-2013-2134) (old rule)
1057878 WEB Apache Struts Wildcard Matching OGNL Code Execution -2 (CVE-2013-2134) (old rule)
1057879 EXPLOIT HP Data Protector CRS Opcode 259 Stack Buffer Overflow (CVE-2013-2329) (old rule)
1057880 EXPLOIT HP Data Protector CRS Opcode 305 Stack Buffer Overflow -1 (CVE-2013-2330) (old rule)
1057882 EXPLOIT HP Data Protector CRS Opcode 1092 Stack Buffer Overflow (CVE-2013-2331) (old rule)
1057883 EXPLOIT HP Data Protector CRS Opcode 211 Stack Buffer Overflow (CVE-2013-2333) (old rule)
1057884 EXPLOIT HP Data Protector CRS Opcode 1091 Stack Buffer Overflow -1 (CVE-2013-2334) (old rule)
1057899 WEB VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload -1 (CVE-2013-3520) (old rule)
1057919 WEB HP System Management Homepage Command Injection -1 (CVE-2013-3576) (old rule)
1057921 WEB Corel PDF Fusion wintab32.dll Insecure Library Loading -2 (CVE-2013-0742) (old rule)
1057922 WEB PHP php_quot_print_encode Heap Buffer Overflow (CVE-2013-2110) (old rule)
1057924 EXPLOIT HP Data Protector CRS Opcode 235 Stack Buffer Overflow (CVE-2013-2325) (old rule)
1057925 EXPLOIT HP Data Protector CRS Opcode 234 Stack Buffer Overflow (CVE-2013-2326) (old rule)
1057926 EXPLOIT HP Data Protector CRS Opcode 264 Stack Buffer Overflow (CVE-2013-2327) (old rule)
1057940 WEB PHP xml_parse_into_struct Heap Memory Corruption -1 (CVE-2013-4113) (old rule)
1057941 WEB Squid HTTP Host Header Port Handling Denial of Service -1 (CVE-2013-4123) (old rule)
1057959 EXPLOIT HP Data Protector CRS Opcode 215 and 263 Stack Buffer Overflow -1 (CVE-2013-2328) (old rule)
1057960 EXPLOIT HP Data Protector CRS Opcode 215 and 263 Stack Buffer Overflow -2 (CVE-2013-2328) (old rule)
1057961 EXPLOIT HP Data Protector CRS Opcode 260 Stack Buffer Overflow -1 (CVE-2013-2332) (old rule)
1057964 WEB Apache HTTP Server mod_dav MERGE Request Denial of Service (CVE-2013-1896) (old rule)
1057965 EXPLOIT HP Data Protector CRS Opcode 227 Stack Buffer Overflow -1 (CVE-2013-2335) (old rule)
1057972 WEB Windows Powershell Remote Command Injection -1 (CVE-2013-3763) (old rule)
1057973 WEB Apache HTTP Server mod_rewrite RewriteLog Command Execution -1 (CVE-2013-1862) (old rule)
1057974 WEB Apache HTTP Server mod_rewrite RewriteLog Command Execution -2 (CVE-2013-1862) (old rule)
1057975 EXPLOIT HP Data Protector CRS Opcode 207 Stack Buffer Overflow (CVE-2013-2324) (old rule)
1057976 EXPLOIT HP Data Protector CRS Opcode 210 Stack Buffer Overflow (CVE-2013-2324) (old rule)
1057977 EXPLOIT HP Data Protector CRS Opcode 236 Stack Buffer Overflow (CVE-2013-2324) (old rule)
1057980 WEB-ACTIVEX HP LoadRunner lrFileIOService ActiveX Control Input Validation Error (CVE-2013-2370) (old rule)
1057981 EXPLOIT Oracle Java SE XML Digital Signature Spoofing (CVE-2013-2461) (old rule)