Rule Update

18-057 (October 16, 2018)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Asterisk RTP Protocol
1008964 - Digium Asterisk Compound RTCP Out-Of-Bounds Write Vulnerability (CVE-2017-17664)


DCERPC Services - Client
1009331* - Microsoft Filter Manager Elevation Of Privilege Vulnerability (CVE-2018-8333)


Directory Server LDAP
1008842* - OpenLDAP 'deref_parseCtrl' Denial Of Service Vulnerability (CVE-2015-1545)


Mail Server Common
1009117* - Dovecot 'rfc822_parse_domain' Out Of Bounds Read Vulnerability (CVE-2017-14461)


Microsoft Office
1009073* - Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8157)


Remote Desktop Protocol Server
1009343 - Identified Too Many SSL Alert Messages In SSLv3 Over RDP


Web Application Common
1009310 - Microsoft Exchange Server SSRF Vulnerability (CVE-2018-16793)


Web Client Common
1008937 - Apache Subversion Client svn-ssh URL Command Execution Vulnerability (CVE-2017-9800)
1009092* - Foxit PDF Reader JavaScript 'XFA Clone' Remote Code Execution Vulnerability (CVE-2018-3850)
1009237 - Foxit Reader Multiple Security Vulnerabilities - 1
1009231 - Foxit Reader Multiple Security Vulnerabilities - 2
1009236 - Foxit Reader Multiple Security Vulnerabilities - 3
1009232 - Foxit Reader Multiple Security Vulnerabilities - 4
1009235 - Foxit Reader Multiple Security Vulnerabilities - 5
1009147 - Microsoft Windows .NET Framework Device Guard Security Feature Bypass Vulnerability (CVE-2018-1039)
1009171* - Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414)
1009238* - Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414) - 1
1009338* - Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8495)


Integrity Monitoring Rules:

1003105* - Database Server - PostgreSQL


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.