Rule Update

18-039 (July 24, 2018)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1009126* - Pivotal Spring AMQP Remote Code Execution Vulnerability (CVE-2017-8045)


SNMP Server
1009115* - Microsoft Windows SNMP Service Denial of Service Vulnerability (CVE-2018-0967)


SSH Client
1008580* - OpenSSH Client Multiple Security Vulnerabilities


VoIP Smart
1008941* - Asterisk 'chan_pjsip' SDP Format Denial Of Service Vulnerability


Web Application Common
1009145* - Atlassian OAuth Plugin Information Disclosure Vulnerability (CVE-2017-9506)
1009154* - ImageMagick 'GetImagePixelCache' Denial Of Service Vulnerability (CVE-2018-11655) - 1
1009152* - ImageMagick 'MngInfoDiscardObject' Heap Use After Free Vulnerability (CVE-2018-11251) - 1
1009156* - ImageMagick 'ReadDCMImage' Denial Of Service Vulnerability (CVE-2018-11656) - 1
1008966* - ImageMagick Multiple Security Vulnerabilities (Server) - 1
1008968* - ImageMagick Multiple Security Vulnerabilities (Server) - 2
1008957* - ImageMagick Multiple Security Vulnerabilities (Server) - 8
1008953* - ImageMagick Multiple Security Vulnerabilities (Server) - 9
1009151* - Pivotal Spring PATCH Requests Remote Code Execution (CVE-2017-8046)


Web Application PHP Based
1008856* - PHP Out-Of-Bounds Write Vulnerability (CVE-2016-5399)


Web Client Common
1009218* - Microsoft Windows VBScript Engine Use-After-Free Vulnerability


Web Server Common
1009124* - CyberArk Password Vault Web Access Remote Code Execution Vulnerability (CVE-2018-9843)


Integrity Monitoring Rules:

1003087* - AntiVirus - Trend Micro OfficeScan Client
1003744* - AntiVirus - Trend Micro OfficeScan Server
1003379* - Application - Gzip
1003166* - Application - IBM WebSphere Application Server
1003533* - Application - OpenSSH
1003370* - Application - OpenSSL
1003167* - Application - Oracle Bea WebLogic Server
1003374* - Application - PHP
1003139* - Application Server - Sun ONE
1002998* - Backup Server - CA BrightStor ARCserve
1003200* - Database Server - IBM DB2
1003241* - Database Server - Ingres
1003090* - Database Server - Oracle
1003105* - Database Server - PostgreSQL for Windows
1003102* - Directory Service - Novell eDirectory
1002914* - FTP Server - NettermFTP
1002898* - FTP Server - WS_FTP
1002849* - FTP Server - WarFTPD
1002851* - HTTP Server - Apache
1002910* - HTTP Server - IIS
1002853* - HTTP Server - Tomcat
1003151* - Instant Messenger - AOL Instant Messenger
1003152* - Instant Messenger - MSN Messenger
1003136* - Instant Messenger - Yahoo! Messenger
1003077* - Mail Server - IBM Lotus Domino
1003363* - Mail Server - IPSwitch IMail
1003039* - Mail Server - MDaemon
1003040* - Mail Server - MailEnable
1003092* - Mail Server - Merak
1003063* - Mail Server - Microsoft Exchange Server
1003367* - Microsoft Windows - DHCP Server
1002776* - Microsoft Windows - Startup Programs Modified
1003096* - PDF Viewer - Adobe Acrobat
1002900* - TFTP Server - 3CDaemon
1003019* - Trend Micro Deep Security Agent / Relay
1003020* - Trend Micro Deep Security Manager


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.