Rule Update

17-039 (August 15, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

FTP Server Common
1008463* - Core FTP Server Heap Overflow Vulnerability


HP Intelligent Management Center (IMC)
1008469* - HPE Intelligent Management Center CommonUtils ZIP Directory Traversal Vulnerability (CVE-2017-5793)


Kerberos KDC Server
1008475* - MIT Kerberos TGS RequestHandler Denial Of Service Vulnerability (CVE-2015-2697)


Unix SSH
1008515* - OpenSSH KEXINIT Denial Of Service Vulnerability (CVE-2016-8858)


VoIP Soft Phones
1008430* - Asterisk Long Contact URIs REGISTER Requests Denial Of Service Vulnerability


Web Application Common
1008415* - ImageMagick 'pict.c' Denial Of Service Vulnerability (CVE-2017-8353)
1008496* - ImageMagick Denial Of Service Vulnerability (CVE-2017-9407) - 1
1008499* - ImageMagick Denial Of Service Vulnerability (CVE-2017-9439) - 1
1008500* - ImageMagick Denial Of Service Vulnerability (CVE-2017-9440) - 1
1008418* - ImageMagick Memory Corruption Vulnerability (CVE-2016-8862)


Web Application PHP Based
1008516* - PHP Buffer Over-Read Into Uninitialized Memory Vulnerability (CVE-2017-7890)
1008409* - PHP exif_process_IFD_in_TIFF Function Memory Leak Vulnerability (CVE-2016-7128)


Web Client Common
1008537 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 1
1008545 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 2
1008535 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 3
1008544 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 4
1008538 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 5
1008543 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 6
1008536 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 7
1008546 - Adobe Flash Player Type Confusion Vulnerability (CVE-2017-3106)
1008392 - Foxit Reader BMP Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
1008478 - Microsoft MsMpEng Use After Free Vulnerability (CVE-2017-8540)
1008480 - Microsoft MsMpEng Use After Free Vulnerability (CVE-2017-8541)
1008532 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2017-0190)


Web Proxy Squid
1008111* - Squid HTTP Response Denial Of Service Vulnerability


Web Server Apache
1008519* - Apache HTTP Server Denial Of Service Vulnerability (CVE-2017-7668)


Web Server Miscellaneous
1008491* - Apache Struts Security Bypass Vulnerability (CVE-2016-4436)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.