Rule Update

16-002 (January 26, 2016)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

OpenSSL
1007328* - OpenSSL Certificate Missing PSS Parameter Denial Of Service Vulnerability (CVE-2015-3194)


SSL Client
1007382 - Identified MD5 Hash Algorithm In TLS Server Key Exchange Traffic - Client
1007384 - TLS1.2 Signature Hash Algorithm Downgrade Attack Used In SLOTH - Client


SSL/TLS Server
1007380 - Identified MD5 Hash Algorithm In TLS Server Key Exchange Traffic - Server
1007379* - TLS1.2 Signature Hash Algorithm Downgrade Attack Used In SLOTH - Server


Web Client Common
1007385 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0931)
1007387 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0933)
1007398 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0936)
1007390 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0938)
1007391 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0939)
1007395 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0944)
1007396 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0945)
1007397 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0946)
1007394 - Adobe Acrobat And Reader Security Bypass Vulnerability (CVE-2016-0943)
1007386 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0932)
1007388 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0934)
1007389 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0937)
1007392 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0940)
1007393 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0941)
1007368* - Microsoft DirectShow Heap Corruption Vulnerability (CVE-2016-0015)
1007250* - Microsoft Windows Integer Underflow Vulnerability (CVE-2015-6130)
1007287* - Microsoft Windows Library Loading Remote Code Execution Vulnerability Over WebDAV (CVE-2015-6128)
1007288* - Microsoft Windows Library Loading Remote Code Execution Vulnerability Over WebDAV (CVE-2015-6132)
1007284* - Microsoft Windows Library Loading Remote Code Execution Vulnerability Over WebDAV (CVE-2015-6133)
1007179 - Oracle Java Runtime Environment TTF/Type1 Font Multiple NULL Pointer Dereferences Vulnerabilities


Web Client Internet Explorer/Edge
1007225* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-6136)
1007362* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0002)


Web Server Common
1005496* - Identified HTTP Request Smuggling Attack


Web Server Miscellaneous
1007060 - Red Hat JBoss RichFaces Remote Code Execution Vulnerability (CVE-2015-0279)


Integrity Monitoring Rules:

1003020* - Trend Micro Deep Security Manager


Log Inspection Rules:

1002828* - Application - Secure Shell Daemon (SSHD)