Rule Update

17-007 (February 21, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client
1008138* - Microsoft Windows SMB Tree Connect Response Denial Of Service Vulnerability (CVE-2017-0016)


DNS Client
1008180 - ISC BIND Inconsistent DS Record Assertion Failure Denial Of Service Vulnerability (CVE-2016-9444)
1008136 - ISC BIND RRSIG Record Response Assertion Failure Denial Of Service (CVE-2016-9147)


Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request


Unix Kerberos
1008095* - MIT Kerberos 'kadmin' DB Denial Of Service Vulnerability (CVE-2016-3119)


Web Application Common
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)


Web Application PHP Based
1008125 - Joomla Denial Of Service Vulnerability (CVE-2013-3242)
1008037 - PHP GC Use After Free Vulnerability (CVE-2016-5771)
1008131 - PHP Unserialize() ZVAL Reference Counter Overflow Vulnerability (CVE-2007-1286)
1008140* - WordPress REST API Unauthenticated Content Injection Vulnerability
1008132* - phpMyAdmin RegEx Pattern Modifier Code Injection Vulnerability (CVE-2016-5734)


Web Client Common
1008121* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-01) - 2
1008183 - Adobe Flash Player Multiple Security Vulnerabilities (APSB17-04)
1008171 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2017-0038)
1008108 - Oracle Java Uninitialized Object Generation Remote Code Execution Vulnerability (CVE-2016-3606)


Web Client Internet Explorer/Edge
1008064* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7288)


Web Media Applications
1002451* - YouTube


Web Server Miscellaneous
1008097* - Identified Apache Struts Incorrect Default 'excludeParams' Security Bypass Vulnerability
1008141 - Jetty Path Sanitization Vulnerability (CVE-2016-4800)
1008093* - Oracle GlassFish Server Username And Password Brute Force Vulnerability (CVE-2011-0807)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.