Rule Update

18-026 (May 8, 2018)


DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1003984* - SMB NTLM Authentication Lack Of Entropy Vulnerability


DCERPC Services - Client
1009058 - Detected Server Message Block (SMB) Outgoing Request


DNS Server
1008652 - DNSmasq Answer Auth And Answer Request Integer Underflow Vulnerability (CVE-2017-13704)


EMC Data Protector Advisor
1008827* - EMC Data Protection Advisor 'ScheduledReportResource' Directory Traversal Information Disclosure Vulnerability (CVE-2017-8003)


HP Intelligent Management Center (IMC)
1008905* - HPE Intelligent Management Center 'UrlAccessController' Authentication Bypass Vulnerability (CVE-2017-8982)


HP Intelligent Management Center Dbman
1008909* - HPE Intelligent Management Center 'dbman' Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2017-8981)
1008795* - HPE Intelligent Management Center Multiple 'dbman' Opcode Command Injection Vulnerabilities


Microsoft Office
1009075 - Microsoft Excel Multiple Remote Code Execution Vulnerabilities (May-2018)
1009073 - Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8157)
1009072 - Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8158)


Trend Micro Control Manager
1008799* - Trend Micro Control Manager 'cmdHandlerFileHandling' Directory Traversal Remote Code Execution Vulnerability (CVE-2017-11389)


Trend Micro OfficeScan
1008907* - Trend Micro OfficeScan Multiple Security Vulnerabilities
1008659* - Trend Micro Smart Protection Server 'wcs_bwlists_handler' Command Injection Remote Code Execution Vulnerability


Web Application Common
1008997* - Oracle WebLogic Remote Diagnosis Assistant Information Disclosure Vulnerability (CVE-2018-2617)
1009057 - Pivotal Spring Data Commons Remote Code Execution Vulnerability (CVE-2018-1273)


Web Application PHP Based
1009054* - Drupal Core Remote Code Execution Vulnerability (CVE-2018-7602)
1008848* - PHP 'gdImageCreateFromGifCtx' Denial Of Service Vulnerability (CVE-2018-5711)
1008919* - PHP 'var_unserializer.c' Buffer Overflow Vulnerability (CVE-2016-10161)


Web Client Common
1008886* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-02) - 3
1009088 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (May 2018)
1009067 - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8174)


Web Client Internet Explorer/Edge
1009078 - Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8123)
1009068 - Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8179)
1009094 - Microsoft Edge Out Of Bounds Read Vulnerability (CVE-2018-8137)
1008933* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0933)
1008934* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0934)
1009086 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0946)
1009085 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0951)
1009084 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0953)
1009076 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8133)
1009083 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0954)
1009061 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-11790)
1009082 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-0955)
1009081 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8114)
1009079 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8122)


Web Server Miscellaneous
1008944* - Novell ZenWorks Configuration Management Remote Code Execution Vulnerability (CVE-2015-0779)


Web Server Oracle
1009046* - Oracle WebLogic Server Elevation Of Privilege Vulnerability (CVE-2018-2628)


Web Server SAP
1008950* - SAP NetWeaver AS JAVA CRM Remote Command Execution Vulnerability (CVE-2018-2380)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.