Rule Update

18-043 (August 7, 2018)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

CyberArk Password Vault
1009127* - CyberArk Password Vault Memory Disclosure Vulnerability (CVE-2018-9842)


FTP Server WarFTPd
1009229 - WarFTPd 'CWD/MKD' Command Denial Of Service Vulnerability (CVE-2000-0131)


ISC DHCP OMAPI
1008902 - Identified Too Many DHCP OMAPI Connections


Microsoft Office
1009200 - Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8246)


VoIP Smart
1008911 - Asterisk SUBSCRIBE Request Buffer Overflow Remote Code Execution Vulnerability (CVE-2018-7284)


Web Application Common
1005933* - Identified Directory Traversal Sequence In Uri Query Parameter
1009178 - ImageMagick 'MngInfoDiscardObject' Heap Use After Free Vulnerability (CVE-2017-18272) - 1
1009198 - ImageMagick 'ReadTXTImage' Denial Of Service Vulnerability (CVE-2017-18273) - 1


Web Application PHP Based
1008920 - Joomla Component 'jLike' Information Leak Vulnerability (CVE-2018-6610)


Web Client Common
1009165 - Adobe Acrobat And Reader Heap Overflow Vulnerability (CVE-2018-4978)
1009175 - Adobe Acrobat And Reader Heap Overflow Vulnerability (CVE-2018-4984)
1008886* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-02) - 3
1009096* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-09) - 1
1009208* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 3
1009177 - ImageMagick 'MngInfoDiscardObject' Heap Use After Free Vulnerability (CVE-2017-18272)
1009197 - ImageMagick 'ReadTXTImage' Denial Of Service Vulnerability (CVE-2017-18273)
1009149 - Microsoft Windows OpenType Font Driver Elevation Of Privilege Vulnerability (CVE-2018-1008)
1008961* - Microsoft Windows Remote Assistance Information Disclosure Vulnerability (CVE-2018-0878)
1009238* - Microsoft Windows Remote Code Execution Vulnerability


Web Client Internet Explorer/Edge
1009221 - Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8139)
1008929* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0893)


Web Server Apache
1009170 - Apache Server Side Include Cross Site Scripting Vulnerability (CVE-2002-0840)


Web Server Miscellaneous
1008840* - Apache CouchDB '_config' Command Execution Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1003447* - Web Server - Apache