Rule Update

17-013 (March 21, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DNS Client
1008180* - ISC BIND Inconsistent DS Record Assertion Failure Denial Of Service Vulnerability (CVE-2016-9444)
1008136* - ISC BIND RRSIG Record Response Assertion Failure Denial Of Service (CVE-2016-9147)


NTP Server Linux
1007741* - NTP Crypto-NAK Packets Symmetric Association Authentication Bypass Vulnerability (CVE-2015-7871)


Web Application PHP Based
1008125* - Joomla Denial Of Service Vulnerability (CVE-2013-3242)
1008135* - PHP Exif Null Pointer Dereference Vulnerability (CVE-2016-6292)
1008037* - PHP GC Use After Free Vulnerability (CVE-2016-5771)
1008144* - PHP Remote Code Execution Vulnerability (CVE-2017-5340)
1008131* - PHP Unserialize() ZVAL Reference Counter Overflow Vulnerability (CVE-2007-1286)
1007289* - PHP cURL Lib NULL Byte Injection Vulnerability
1008182* - PHP phar_parse_pharfile Integer Overflow Vulnerability (CVE-2016-10159)
1008148 - WordPress Ninja Forms Unauthenticated File Upload Vulnerability (CVE-2016-1209)
1003085* - WordPress RSS Feed Generator self_link HTTP_HOST Cross-Site Scripting
1008186* - phpMyAdmin Authenticated Remote Code Execution Vulnerability (CVE-2013-3238)


Web Client Common
1008251 - Adobe Flash Player Multiple Security Vulnerabilities (APSB17-07)
1004335* - Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow
1008107 - Oracle Java Remote Code Execution Vulnerability (CVE-2016-3598)


Web Client Internet Explorer/Edge
1008149* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-0008)


Web Server Adobe ColdFusion
1008113* - Adobe ColdFusion OOXML XXE Information Disclosure Vulnerability (CVE-2016-4264)


Web Server HTTPS
1008137 - Identified TLS/SSL DES Cipher Suite Is Being Supported


Web Server Miscellaneous
1008104* - Apache ActiveMQ Multiple Remote Code Execution Vulnerabilities (CVE-2016-3088)
1008207* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2017-5638)
1008141* - Jetty Path Sanitization Vulnerability (CVE-2016-4800)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.