Rule Update

17-045 (September 12, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

SSH Client
1008580 - OpenSSH Forward Option Handler Buffer Overflow Vulnerability (CVE-2016-0778)


Web Application Common
1005402* - Identified Suspicious User Agent In HTTP Request
1008512 - ImageMagick Denial Of Service Vulnerability (CVE-2017-9261) - 1
1008418* - ImageMagick Memory Corruption Vulnerability (CVE-2016-8862)
1008540 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11644) - 1
1008542 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11724) - 1


Web Client Common
1008511 - ImageMagick Denial Of Service Vulnerability (CVE-2017-9261)
1008539 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11644)
1008541 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11724)
1008604 - Microsoft Windows .NET Framework Remote Code Execution Vulnerability (CVE-2017-8759)
1008602 - Microsoft Windows PDF Library Multiple Remote Code Execution Vulnerabilities (Sep-2017)
1008592 - Microsoft Windows Win32k Graphics Remote Code Execution Vulnerability (CVE-2017-8682)


Web Client Internet Explorer/Edge
1008594 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8731)
1008595 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8734)
1008603 - Microsoft Edge Remote Code Execution Vulnerability (CVE-2017-8757)
1008484* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8601)
1008564 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8634)
1008566 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8640)
1008597 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8738)
1008601 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8753)
1008600 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-8750)
1008598 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-8747)
1008599 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-8749)


Web Server Common
1008581 - Identified Suspicious IP Addresses In XFF HTTP Header


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.