Rule Update

17-016 (April 17, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1008224* - Microsoft Windows SMB Remote Code Execution Vulnerabilities (CVE-2017-0144 and CVE-2017-0146)
1008227* - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2017-0147)
1008306 - Microsoft Windows SMB Remote Code Execution Vulnerability (MS17-010)
1008305 - Microsoft Windows SMBv1 Remote Code Execution Vulnerability
1004401* - Print Spooler Service Impersonation Vulnerability


Remote Desktop Protocol Server
1008307 - Microsoft Windows Remote Desktop Protocol Remote Code Execution Vulnerability


Web Application PHP Based
1008193* - PHP exif_convert_any_to_int Denial Of Service Vulnerability (CVE-2016-10158)
1008148* - WordPress Ninja Forms Unauthenticated File Upload Vulnerability (CVE-2016-1209)


Web Media Applications
1002451* - YouTube


Web Server Apache
1008117* - Apache Subversion mod_authz_svn Module Denial Of Service Vulnerability (CVE-2016-2168)


Web Server Common
1008194* - Oracle Java SE Remote Security Vulnerability (CVE-2017-3241)


Web Server Miscellaneous
1008178* - Novell Service Desk clientImportUploadForm Directory Traversal Vulnerability (CVE-2016-1593)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.