Rule Update

16-011 (April 26, 2016)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Backup Server IBM Tivoli Storage Manager FastBack Server
1007351* - IBM Tivoli Storage Manager FastBack Command Execution Vulnerability (CVE-2015-1949)
1007357* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)
1007356* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
1007352* - IBM Tivoli Storage Manager FastBack Server Information Disclosure Vulnerability (CVE-2015-1941)
1007354* - IBM Tivoli Storage Manager FastBack Server Memory Corruption Vulnerability
1007353* - IBM Tivoli Storage Manager FastBack Server Opcode 1301 Remote Code Execution Vulnerability
1007365* - IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability
1007464* - IBM Tivoli Storage Manager FastBack Stack Buffer Overflow Vulnerability (CVE-2015-4931)


HP Intelligent Management Center (IMC)
1005845* - HP Intelligent Management Center sdFileDownload Servlet Remote File Disclosure Vulnerability


TFTP Server
1003955* - TFTP Server Packet Handling Remote Buffer Overflow Vulnerability


Web Application PHP Based
1007597 - Joomla Akeeba Kickstart Unserialize Remote Code Execution Vulnerability (CVE-2014-7228)
1006786 - PHP exif_process_unicode() Function Uninitialized Pointer Freeing Remote Code Execution Vulnerability
1007178 - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)


Web Application Ruby Based
1007520 - RubyGems Actionpack Denial Of Service Vulnerability (CVE-2013-6414)


Web Client Common
1007536 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8426)
1007600 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8823)
1007018 - cURL/libcURL Cookie Parser Out Of Bounds Read Remote Code Execution Vulnerability (CVE-2015-3145)


Web Client Internet Explorer/Edge
1004958* - Internet Explorer Exec ActiveX Remote Code Execution
1007552* - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0161)


Web Server Common
1005434* - Disallow Upload Of A PHP File
1007222* - WordPress Ajax Load More Plugin File Upload Vulnerability


Web Server IIS
1007430* - Microsoft .NET Framework Stack Overflow Denial Of Service Vulnerability (CVE-2016-0033)


Web Server Oracle
1007204* - Oracle WebLogic Server Java Deserialization Objects Remote Code Execution Vulnerability


Windows Services RPC Client
1007494* - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
1007566* - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
1007592* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (CVE-2016-0160 and CVE-2016-0148)


Windows Services RPC Server
1007596 - Identified Suspicious File Extension Rename Activity Over Network Share
1007598 - Identified Suspicious Rename Activity Over Network Share


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.