Rule Update

18-033 (June 19, 2018)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1003080* - Server Service Vulnerability (srvsvc)


DNS Client
1009135* - Microsoft Windows DNSAPI Remote Code Execution Vulnerability (CVE-2018-8225)


SIP SSL Client
1008554* - Digium Asterisk TLS Certificate Validation Security Bypass Vulnerability (CVE-2015-3008)


Unix RSync
1008896* - Rsync 'receive_xattr' Heap-based Buffer Overread Vulnerability (CVE-2017-16548)


VoIP Soft Phones
1008653* - Digium Asterisk Non-SIP URIs Denial Of Service Vulnerability (CVE-2017-14098)


Web Application Common
1009145 - Atlassian OAuth Plugin Information Disclosure Vulnerability (CVE-2017-9506)
1009111 - ImageMagick 'DecodeLabImage' And 'EncodeLabImage' Denial Of Service Vulnerability (CVE-2018-9133) - 1
1009109 - ImageMagick 'IsWEBPImageLossless' Heap Buffer Over Read Vulnerability (CVE-2018-9135) - 1
1009118 - ImageMagick 'ReadDCMImage' Denial Of Service Vulnerability (CVE-2018-8804) - 1
1008986 - ImageMagick 'load_tile' Denial Of Service Vulnerability (CVE-2017-13133) - 1


Web Application PHP Based
1008895 - PHP 'php_wddx_push_element' Function Out Of Bound Read Vulnerability (CVE-2016-7418)
1008914* - PHP WDDX Deserialization Denial Of Service Vulnerability (CVE-2017-11143)
1008913* - PHP WDDX Deserialization Heap Out-Of-Bound Read Vulnerability (CVE-2017-11145)


Web Client Common
1009110 - ImageMagick 'DecodeLabImage' And 'EncodeLabImage' Denial Of Service Vulnerability (CVE-2018-9133)
1009108 - ImageMagick 'IsWEBPImageLossless' Heap Buffer Over Read Vulnerability (CVE-2018-9135)
1009063 - ImageMagick 'ReadDCMImage' Denial Of Service Vulnerability (CVE-2018-8804)
1008985 - ImageMagick 'load_tile' Denial Of Service Vulnerability (CVE-2017-13133)


Web Server Apache
1009045 - Apache httpd 'mod_cache_socache' Denial Of Service Vulnerability (CVE-2018-1303)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

Featured Stories