Rule Update

17-056 (November 28, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Network Automation
1008676 - HPE Network Automation FileServlet Information Disclosure Vulnerability (CVE-2017-5811)


Microsoft Office
1008716* - Microsoft Excel Memory Corruption Vulnerability (CVE-2017-11878)
1008746* - Microsoft Office Memory Corruption Vulnerability (CVE-2017-11882)


SSL Client
1008533 - GnuTLS Proxy Certificate Information Extension Memory Corruption Vulnerability (CVE-2017-5334) - Client


SSL/TLS Server
1008534 - GnuTLS Proxy Certificate Information Extension Memory Corruption Vulnerability (CVE-2017-5334) - Server


Suspicious Client Application Activity
1008756 - Identified Potentially Malicious RAT Traffic - VII


Web Application PHP Based
1008626 - Drupal Services Module Remote Code Execution Vulnerability


Web Client Common
1008735* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 5


Web Client Internet Explorer/Edge
1008701* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11861)


Web Server Oracle
1008688 - Oracle Identity Manager Default Account Vulnerability (CVE-2017-10151)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.