Rule Update

17-055 (November 21, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1008660 - Microsoft Windows SMB Out-Of-Bounds Read Denial Of Service Vulnerability (CVE-2017-11781)


Microsoft Office
1008746 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-11882)


OpenSSL
1008715 - OpenSSL X.509 IPAddressFamily Extension Parsing Out-Of-Bounds Read Vulnerability (CVE-2017-3735) - Server


OpenSSL Client
1008714 - OpenSSL X.509 IPAddressFamily Extension Parsing Out-Of-Bounds Read Vulnerability (CVE-2017-3735) - Client


Solr Service
1008691 - Apache Solr XML External Entity Expansion Remote Code Execution (CVE-2017-12629)


Web Application PHP Based
1008548 - PHP Session Data Injection Vulnerability (CVE-2016-7125)


Web Client Common
1008739 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 1
1008744 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 2
1008743 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 3
1008745 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 4
1008735 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 5
1008736 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 6
1008740 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 7
1008738 - Adobe Flash Player Multiple Security Vulnerabilities (APSB17-33)


Web Server Miscellaneous
1007532* - JBoss Application Server Unauthenticated Remote Command Execution Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.