*** NK8 RELS 3423 Release ***

Total number of signatures: 3204

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities and applications as below:

Added 32 rule(s):
---------------
1135456 FILE Microsoft Graphics Device Interface CVE-2019-0619 Information Disclosure -1
1135459 WEB-CLIENT Microsoft Edge Chakra InlineArrayPush InlineArrayPop Type Confusion -1 (CVE-2018-8617)
1135461 EXPLOIT HPE Intelligent Management Center dbman decryptMsgAes Stack Buffer Overflow (CVE-2018-7114)
1135462 EXPLOIT libVNC LibVNCServer Tight File Transfer Extension Use After Free (CVE-2018-6307)
1135463 WEB Belkin Wemo UPnP Remote Code Execution
1135466 FILE Microsoft Graphics Device Interface DoGdiCommentMultiFormats Information Disclosure -1 (CVE-2019-0614)
1135469 FILE RARLAB WinRAR ACE Vulnerability -1.1 (CVE-2018-20251)
1135470 FILE RARLAB WinRAR ACE Vulnerability -1.2 (CVE-2018-20251)
1135471 WEB Jenkins ACL Bypass and Metaprogramming RCE (CVE-2019-1003000)
1135479 SSL OpenSSL GOLDENDOODLE invalid padding
1135480 WEB Apache Solr Config API Insecure Deserialization (CVE-2019-0192)
1135481 SSL OpenSSL GOLDENDOODLE padding attack
1135482 DHCP Microsoft Windows DHCP Server CVE-2019-0626 Denial of Service
1135483 DHCP Microsoft Windows DHCP Client CVE-2019-0726 Code Execution
1135485 WEB Netgear ReadyNAS Surveillance and NUUO NVRMini Remote Command Execution (CVE-2018-15716)
1135486 WEB Linksys WAP54Gv3 Remote Debug Root Shell
1135487 WEB ZTE ZXV10 H108L Routers Remote Code Execution
1135488 WEB HPE Intelligent Management Center iccSelectCommand Expression Language Injection
1135489 WEB HPE Intelligent Management Center PrimeFaces Expression Language Injection
1135490 UDP TP-Link SR20 Router LAN RCE
1135492 EXPLOIT HPE Intelligent Management Center dbman BackupZipFile Command Injection - 1.3 (CVE-2017-5821)
1135493 EXPLOIT HPE Intelligent Management Center dbman RestartDB Command Injection -1.2 (CVE-2017-5816)
1135494 WEB-CLIENT Microsoft Edge and Internet Explorer Same Origin Policy Information Disclosure
1135495 EXPLOIT HPE Intelligent Management Center imcwlandm SSID Stack Buffer Overflow -2.1 (CVE-2017-5806)
1135496 EXPLOIT HPE Intelligent Management Center imcwlandm SSID Stack Buffer Overflow -2.2 (CVE-2017-5806)
1135497 EXPLOIT HPE Intelligent Management Center imcwlandm SSID Stack Buffer Overflow -2.3 (CVE-2017-5806)
1135498 EXPLOIT HPE Intelligent Management Center imcwlandm UserName Stack Buffer Overflow -1.2 (CVE-2017-5805)
1135499 EXPLOIT HPE Intelligent Management Center imcwlandm UserName Stack Buffer Overflow -1.2 (CVE-2017-5805)
1135500 FILE Meltdown Physical System Memory Dump (CVE-2017-5754)
1135501 WEB-CLIENT Mozilla Firefox http-index-format File Out-Of-Bounds Read -2 (CVE-2017-5444)
1135502 WEB HPE Intelligent Management Center TopoDebugServlet Insecure Deserialization - 1.1
1135504 WEB HPE Intelligent Management Center TopoDebugServlet Insecure Deserialization - 1.2

Modified 3 rule(s):
---------------
1133798 WEB-CLIENT Mozilla Firefox http-index-format File Out-Of-Bounds Read -1 (CVE-2017-5444)
1135455 WEB NetGear Multiple ProSafe Wireless Controllers Remote Code Execution
1150093 SCADA RealFlex RealWin SCADA SCPC_INITIALIZE and SCPC_INITIALIZE_RF Buffer Overflow -1 (CVE-2010-4142)

Deleted 46 rule(s):
---------------
1059562 EXPLOIT LibYAML Scanner yaml_parser_scan_uri_escapes Heap Buffer Overflow (CVE-2014-2525) (old rule)
1059583 ICS Advantech WebAccess SCADA webvact.ocx AccessCode Buffer Overflow -1 (CVE-2014-0768) (old rule)
1059584 ICS Advantech WebAccess SCADA webvact.ocx AccessCode Buffer Overflow -2 (CVE-2014-0768) (old rule)
1059599 WEB-CLIENT Microsoft Direct2D SVG Path Memory Corruption -3 (CVE-2014-0263) (old rule)
1059607 SIP Digium Asterisk Cookie Stack Overflow -3 (CVE-2014-2286) (old rule)
1059612 WEB-ACTIVEX Mitsubishi ActiveX Control EZPcAut280.dll KeywordSet Argument Buffer Overflow (CVE-2014-2074) (old rule)
1059617 WEB Easy File Management Web Server Stack Buffer Overflow (BID-67542) (old rule)
1059621 WEB SkyBlueCanvas CMS Remote Command Execution (CVE-2014-1683) (old rule)
1059632 WEB PHP CDF File Handling Infinite Loop (CVE-2014-0238) (old rule)
1059636 WEB-ACTIVEX Oracle Data Quality DateTimeWrapper onchange Untrusted Pointer Dereference -1 (CVE-2014-2416) (old rule)
1059637 WEB-ACTIVEX Oracle Data Quality DateTimeWrapper onchange Untrusted Pointer Dereference -2 (CVE-2014-2416) (old rule)
1059644 WEB-ACTIVEX Oracle Data Quality DscXB onloadstatechange Untrusted Pointer Dereference -1 (CVE-2014-2417) (old rule)
1059645 WEB-ACTIVEX Oracle Data Quality DscXB onloadstatechange Untrusted Pointer Dereference -2 (CVE-2014-2417) (old rule)
1059646 WEB-CLIENT Generic Javascript Obfuscation -22 (old rule)
1059652 DNS ISC BIND Recursive Nameservers Prefetch Denial of Service (CVE-2014-3214) (old rule)
1059654 NETBIOS Samba DNS Reply Flag Denial of Service -1 (CVE-2014-0239) (old rule)
1059658 WEB Linksys Unauthenticated Security Bypass Vulnerability (old rule)
1059659 WEB SAP Sybase Event Stream Processor esp_parse ConnectionType Unsafe Pointer Dereference -1 (CVE-2014-3457) (old rule)
1059667 WEB Hikvision DVR Devices Multiple Vulnerabilities -1 (old rule)
1059668 WEB Hikvision DVR Devices Multiple Vulnerabilities -2 (old rule)
1059669 WEB D-Link Multiple Routers HNAP Protocol Security Bypass Vulnerability (BID-37690) (old rule)
1059670 WEB D-Link HNAP Request Stack Buffer Overflow -1 (CVE-2014-3936) (old rule)
1059671 WEB D-Link DIR-645 Routers Remote Authentication Bypass Vulnerability (BID-58231) (old rule)
1059673 WEB D-LINK Router Specific User Agent Backdoor Activity (old rule)
1059676 WEB Tenda Router Backdoor Activity -1 (old rule)
1059677 WEB Tenda Router Backdoor Activity -2 (old rule)
1059679 WEB Netgear WNDR3700 Router Multiple Remote Authentication Bypass (BID-63296) (old rule)
1059680 WEB Alpha Networks ADSL2/2+ router Information Disclosure (old rule)
1059681 WEB Linksys WAG200G MMCS Service Backdoor Activity -1 (old rule)
1059682 WEB Linksys WAG200G MMCS Service Backdoor Activity -2 (old rule)
1059684 MISC Bitcoin/LiteCoin/Dogecoin Mining Activity -1 (old rule)
1059685 BACKDOOR Zollard Variant Outbound Connection Activity -1 (old rule)
1059687 WEB-ACTIVEX Mitsubishi EZPcAut260.dll ActiveX Control ESOpen Buffer Overflow (CVE-2014-1641) (old rule)
1059697 WEB Directory Traversal -13 (old rule)
1059704 WEB Cogent DataHub Web Server GetPermissions.asp Command Injection -2 (CVE-2014-3789) (old rule)
1059710 ICS WellinTech KingSCADA kxNetDispose.dll Stack Buffer Overflow -1 (CVE-2014-0787) (old rule)
1059711 ICS WellinTech KingSCADA kxNetDispose.dll Stack Buffer Overflow -2 (CVE-2014-0787) (old rule)
1059727 ICS Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow (CVE-2014-3888) (old rule)
1059728 WEB Gitlist Unauthenticated Remote Command Execution (CVE-2014-4511) (old rule)
1059737 WEB SAP Sybase Event Stream Processor esp_parse ConnectionType Unsafe Pointer Dereference -1 (CVE-2014-3458) (old rule)
1059757 WEB Rocket Servergraph Admin Center userRequest and tsmRequest Command Execution -1 (CVE-2014-3915) (old rule)
1059763 WEB Wordpress page-flip-image-gallery plugins Remote File Upload (EDB-30084) (old rule)
1059791 SSL OpenSSL dtls1_reassemble_fragment Invalid Fragment Buffer Overflow -4 (CVE-2014-0195) (old rule)
1059792 WEB Symantec Web Gateway Multiple PHP Pages Cross Site Scripting (CVE-2014-1652) (old rule)
1059802 ICS Advantech WebAccess SCADA webvact.ocx NodeName Buffer Overflow -3 (CVE-2014-0764) (old rule)
1132627 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 65 (Ransomware Attack Vector) (old rule)