Rule Update

17-050 (October 17, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Asterisk Server IAX2
1008467 - Asterisk Skinny Denial Of Service Vulnerability (CVE-2017-9358)


DHCPv6 Server
1008651 - Dnsmasq DHCPv6 Buffer Overflow Vulnerability (CVE-2017-14493)


DNS Client
1008650 - Dnsmasq Heap Buffer Overflow Vulnerability (CVE-2017-14491)


HP Intelligent Management Center IMC Syslog Daemon
1008505* - HPE Intelligent Management Center (iMC) Remote Code Execution Vulnerability (CVE-2017-5815)


Microsoft Office
1008661 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826)
1008629 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-8744)


VoIP Smart
1008466 - Asterisk PJSIP Denial Of Service Vulnerability (CVE-2017-9359)


Web Application Common
1008606* - ImageMagick WritePSImage Information Disclosure Vulnerability (CVE-2017-11535) - 1


Web Client Common
1008667 - Adobe Flash Player Type Confusion Vulnerability (CVE-2017-11292)
1008655 - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2017-8717)
1008656 - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2017-8718)


Web Client Internet Explorer/Edge
1008657 - Microsoft Edge Information Disclosure Vulnerability (CVE-2017-11794)
1008153* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-0037)


Web Server Apache
1008127* - Apache Commons File Upload Boundary Denial Of Service Vulnerability (CVE-2016-3092)


Web Server IIS
1004398* - Request Header Buffer Overflow Vulnerability


Web Server Miscellaneous
1008620* - Apache Struts Denial Of Service Vulnerability (CVE-2017-9793)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.