Rule Update

17-054 (November 14, 2017)


DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Asterisk Server IAX2
1008467* - Asterisk Skinny Denial Of Service Vulnerability (CVE-2017-9358)


DHCPv6 Server
1008651* - Dnsmasq DHCPv6 Buffer Overflow Vulnerability (CVE-2017-14493)


DNS Client
1008650* - Dnsmasq Heap Buffer Overflow Vulnerability (CVE-2017-14491)


HP Intelligent Management Center WSM iNode
1008551* - HPE Intelligent Management Center Multiple Stack Buffer Overflow Vulnerabilities


Microsoft Office
1008695 - Microsoft Word Memory Corruption Vulnerability (CVE-2017-11854)


Remote Desktop Protocol Server
1003716* - Identified Too Many Remote Desktop Protocol (RDP) Connection Request


SSL/TLS Server
1008553* - GnuTLS DN Decoding Double Free Error Denial Of Service Vulnerability (CVE-2015-6251) - Server


Unix Kerberos
1008561 - Kerberos kadmind Policy Null Pointer Dereference Denial Of Service Vulnerability (CVE-2015-8630)
1008473* - MIT Kerberos Recvauth Message Handling Denial Of Service Vulnerability (CVE-2014-5355)


VoIP Smart
1008466* - Asterisk PJSIP Denial Of Service Vulnerability (CVE-2017-9359)


Web Application Common
1008530* - ImageMagick WritePTIFImage Denial Of Service Vulnerability (CVE-2017-11640) - 1


Web Client Common
1008538* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 5
1004133* - Heuristic Detection Of Malicious PDF Documents
1008716 - Microsoft Excel Memory Corruption Vulnerability (CVE-2017-11878)
1008630 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-8631)
1008708 - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2017-11847)


Web Client Internet Explorer/Edge
1008710 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-11845)
1008704 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11840)
1008705 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11841)
1008701 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11861)
1008706 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11873)
1008696 - Microsoft Internet Explorer And Edge Scripting Engine Information Disclosure Vulnerability (CVE-2017-11791)
1008700 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11837)
1008707 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11843)
1008712 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11846)
1008699 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11858)
1008697 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-11855)
1008698 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-11856)
1008703 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2017-11869)


Web Proxy Apache
1006244* - Apache HTTP Server 'mod_cache' Module Remote Denial Of Service Vulnerability


Web Server Apache
1008556* - Apache Continuum Arbitrary Command Execution Vulnerability
1008683 - Apache HTTP Server Memory Corruption Vulnerability (CVE-2017-9788)


Web Server SAP
1008615* - SAP Netweaver Disp Work Request Resource Exhaustion Denial Of Service Vulnerability (CVE-2017-9845)


Integrity Monitoring Rules:

1006683* - TMTR-0016: Suspicious Running Processes Detected


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.