*** NK8 RELS 3380 Release ***

Total number of signatures: 3244

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Added 31 rule(s):
---------------
1057212 EXPLOIT Portable SDK for UPnP Devices libupnp Device Service Name Stack Buffer -1 (CVE-2012-5958)
1058983 WEB Cisco Linksys X3000 Router Apply.Cgi Command Execution Vulnerability -1 (CVE-2013-3307)
1058984 WEB Cisco Linksys X3000 Router Apply.Cgi Command Execution Vulnerability -2 (CVE-2013-3307)
1059678 WEB Netgear WNDR4700 Router Multiple Remote Authentication Bypass (CVE-2013-3072)
1132726 WEB GD Library libgd gd_gd2.c Heap Buffer Overflow -2 (CVE-2016-3074)
1132727 WEB GD Library libgd gd_gd2.c Heap Buffer Overflow -3 (CVE-2016-3074)
1134004 WEB Netgear WNR2000v5 Information Disclosure (CVE-2016-10176)
1134603 WEB QNAP VioStor NVR firmware version 4.0.3 and QNAP NAS multiple vulnerabilities
1134677 WEB D-Link DSL-2750B OS Command Injection
1134684 WEB Multiple Vivotek IP Camera Products HTTP Request Remote Code Execution
1134685 WEB Multiple Vivotek IP Camera Products Heap Overflow Vulnerability
1134687 WEB Netgear DGN1000 And Netgear DGN2200 Unauthenticated Command Execution
1134688 WEB Netgear WNR2000 Information Disclosure -1
1134689 WEB Netgear WNR2000 Information Disclosure -2
1134690 WEB Netgear WNR2000 Information Disclosure -3
1134691 WEB Joomla restore.php PHP Code Injection (CVE-2014-7228)
1134692 MALWARE VPNFilter Connect Activity
1134693 TELNET NETGEAR TelnetEnable Magic Packet -1
1134694 TELNET NETGEAR TelnetEnable Magic Packet -2
1134695 WEB NETGEAR DGN2200B Cross Site Scripting -1
1134696 WEB NETGEAR DGN2200B Cross Site Scripting -2
1134697 WEB QNAP QTS X-Forwarded-For Buffer Overflow
1134698 EXPLOIT TP-Link TDDP Multiple Vulnerabilities -1
1134699 EXPLOIT TP-Link TDDP Multiple Vulnerabilities -2
1134700 EXPLOIT Mikrotik RouterOS Denial of Service (CVE-2012-6050)
1134701 EXPLOIT Mikrotik RouterOS CSRF Vulnerability (CVE-2015-2350)
1134702 WEB Akeeba Kickstart restoration.php Information Disclosure (CVE-2014-7229)
1134703 WEB Akeeba Kickstart restoration.php CSRF Vulnerability (CVE-2014-7229)
1160982 MAIL Yahoo access via SSL -1
1160987 TERMINAL Chrome Remote Desktop access via UDP -2
1160988 TERMINAL VNC access via UDP -1

Modified 5 rule(s):
---------------
1063526 MAIL Gmail login via SSL -1
1063739 MAIL Yahoo access via TCP -3
1132610 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 62 (Ransomware Attack Vector)
1132963 WEB Squid Proxy ESI Response Processing Denial of Service (CVE-2016-4555)
1160855 TERMINAL VNC access via SSL -1

Deleted 28 rule(s):
---------------
1131867 WEB Oracle Endeca IDI ETL Server UploadFileConent Directory Traversal (old rule)
1131889 EXPLOIT Apple SceneKit qlmanage deaElement setElement Buffer Overflow (CVE-2015-3783) (old rule)
1132002 WEB vBulletin 5.1.2 Unserialize Code Execution (CVE-2015-7808) (old rule)
1132062 WEB F5 iControl iCall Script Root Command Execution -1 (CVE-2015-3628) (old rule)
1132098 FILE Adobe Flash opaqueBackground Use After Free -2 (CVE-2015-5122) (old rule)
1132100 DNS ISC BIND openpgpkey_61.c Denial of Service -1 (CVE-2015-5986) (old rule)
1132107 WEB-ACTIVEX Samsung SmartViewer STWAxConfig Memory Corruption -1 (CVE-2015-8039) (old rule)
1132127 WEB-CLIENT Microsoft Scripting Engine Information Disclosure Vulnerability (CVE-2015-6135) (old rule)
1132141 WEB-CLIENT Microsoft Browser Memory Corruption Vulnerability (CVE-2015-6154) (old rule)
1132148 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6149) (old rule)
1132196 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability -2 (CVE-2015-6065) (old rule)
1132197 WEB IBM WebSphere Application Server Commons-Collections Library Remote Code Execution -1 (CVE-2015-7450) (old rule)
1132244 NTP Network Time Protocol Daemon Pidfile Driftfile Arbitrary File Overwrite -2 (CVE-2015-7703) (old rule)
1132245 WEB LANDesk Management Suite frm_splitfrm Remote File Inclusion (CVE-2014-5362) (old rule)
1132248 WEB D-Link DCS-931L Network Camera File Upload (CVE-2015-2049) (old rule)
1132336 EXPLOIT Red Hat JBoss Commons-Collections Library Remote Code Execution (CVE-2015-7501) (old rule)
1132339 SSL SSLv2 CBC Cipher SSL_RC4_128_EXPORT40_WITH_MD5 (old rule)
1132357 WEB-CLIENT Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0123) (old rule)
1132358 WEB-CLIENT Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0119) (old rule)
1132367 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0114) (old rule)
1132375 WEB-CLIENT Microsoft Browser Memory Corruption Vulnerability (CVE-2016-0109) (old rule)
1132409 WEB ManageEngine Multiple Products customerName SQL Injection Remote Code Execution -1.2 (ZDI-15-232) (old rule)
1132411 WEB ManageEngine Multiple Products customerName SQL Injection Remote Code Execution -2.2 (ZDI-15-232) (old rule)
1132554 FILE Adobe Flash Player Security Bypasse (CVE-2016-1006) (old rule)
1132557 FILE Adobe Flash Player Use After Free (CVE-2016-1013) (old rule)
1132559 FILE Adobe Flash Player Use After Free (CVE-2016-1016) (old rule)
1132562 FILE Adobe Flash Player Buffer Overflow (CVE-2016-1018) (old rule)
1132563 FILE Adobe Flash Player Type Confusion (CVE-2016-1019) (old rule)