描述

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client

1008915* - Microsoft Windows SMBv3 Denial Of Service Vulnerability (CVE-2018-0833)

DHCPv6 Server

1008668 - Dnsmasq Information Leak Vulnerability (CVE-2017-14494)

HP Intelligent Management Center (IMC)

1008709* - HPE Intelligent Management Center 'getSelInsBean' Expression Language Injection Vulnerability (CVE-2017-12490)

1008718 - HPE Intelligent Management Center 'userSelectPagingContent' Expression Language Injection Vulnerability (CVE-2017-12521)

1008797* - HPE Operations Orchestration Backwards-Compatibility Beanutils Deserialization Vulnerability (CVE-2017-8994)

1008687* - HPE Operations Orchestration Central-Remoting Insecure Deserialization Vulnerability (CVE-2017-8994)

1008765* - Hewlett Packard Enterprise Intelligent Management Center Language Injection Remote Code Execution Vulnerabilities

HP Network Automation

1008677 - HPE Network Automation PermissionFilter Authentication Bypass Vulnerability (CVE-2017-5812)

HP OpenView

1004786* - HP Data Protector Client EXEC_CMD Perl Remote Code Execution Vulnerability

Mail Client Windows

1001190* - Microsoft Windows Explorer WMF File Denial Of Service.

1001269* - Microsoft Windows Media Format ASF Parsing Remote Code Execution (CVE-2007-0064)

Mail Server Exim

1008940* - Exim Buffer Overflow Remote Code Execution Vulnerability (CVE-2018-6789)

RADIUS Server

1008816 - FreeRADIUS 'rad_coalesce' Out Of Bounds Read Vulnerability (CVE-2017-10979)

Remote Desktop Protocol Server

1007969* - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt

Suspicious Client Application Activity

1008946 - Heuristic Detection Of Suspicious Digital Certificate

Suspicious Client Ransomware Activity

1007706* - Ransomware Network Traffic - 3

Symantec Messaging Gateway

1008575* - Symantec Messaging Gateway Unauthenticated Remote Code Execution Vulnerability (CVE-2017-6327)

VoIP Smart

1008846* - Digium Asterisk PJSIP Contact Header Denial Of Service Vulnerability (CVE-2017-17850)

VoIP Soft Phones

1006537* - Asterisk Open Source SIP SUBSCRIBE Request Denial Of Service Vulnerability

Web Application Common

1005936* - Identified Local File Inclusion (LFI) Over HTTP

Web Application PHP Based

1008041* - Drupal Coder Module Remote Code Execution Vulnerability

1006386* - PHP 'unserialize()' Integer Overflow Vulnerability (CVE-2014-3669)

1008863 - PHP Openssl Extension PEM Sealing Denial Of Service Vulnerability (CVE-2017-11144)

1008893 - PHP ZIP Signature Verification Out Of Bound Memory Access Vulnerability (CVE-2016-7414)

1008664* - PHP finish_nested_data Function Heap Buffer Overflow Vulnerability (CVE-2017-12933)

Web Client Common

1008886* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-02) - 3

1008889* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-02) - 4

1007515* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)

1008854* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2018-4878)

1007507* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0988)

1007014* - Adobe Reader And Acrobat Heap Based Buffer Overflow Vulnerability (CVE-2015-5105)

1008719 - Foxit Reader PDF Parsing Multiple Out Of Bounds Read Information Disclosure Vulnerabilities

1008410* - Microsoft .NET Framework Pointer Verification Vulnerability (CVE-2009-0090)

1008903 - Microsoft Windows EOT Font Engine Information Disclosure Vulnerability (CVE-2018-0761)

1008172* - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2017-0050)

1001248* - Microsoft Windows Media Format ASF Parsing Remote Code Execution

1008448* - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (June-2017)

1008341* - Microsoft Windows Multiple Security Vulnerabilities (May-2017)

1008521* - Microsoft Windows PDF Remote Code Execution Vulnerability (CVE-2017-0291)

1008892 - PHP ZIP Signature Verification Out Of Bound Memory Access Vulnerability (CVE-2016-7414) - 1

Web Client Internet Explorer/Edge

1004986* - Dell Webcam Central CrazyTalk4 ActiveX Control Buffer Overflow Vulnerability

1007470* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0105)

1005784* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2013-3908)

1006749* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1732)

1006750* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1733)

1006751* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1735)

1008881* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-0866)

1008796* - Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability (CVE-2017-11906)

Web Client Mozilla Firefox

1008579* - Mozilla Firefox Use-After-Free Vulnerability (CVE-2016-1960)

Web Client SSL

1008528 - Squid Proxy Incorrect X509 Server Certificate Validation Vulnerability (CVE-2015-3455)

Web Server Common

1005434* - Disallow Upload Of A PHP File

1007185* - Java Unserialize Remote Code Execution Vulnerability

Web Server Miscellaneous

1008840* - Apache CouchDB '_config' Command Execution Vulnerability (CVE-2017-12636)

1008751* - Apache CouchDB Remote Code Execution Vulnerabilities (CVE-2017-12635)

1008843* - FasterXML Jackson JSON Library Deserializer Multiple Remote Code Execution Vulnerabilities

1007522* - JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability

1002947* - Mambo CMS File Inclusion Vulnerability Scan (CVE-2005-3738)

1008527* - Nginx ngx_http_range_filter_module Integer Overflow Vulnerability (CVE-2017-7529)

1007060* - Red Hat JBoss RichFaces Remote Code Execution Vulnerability (CVE-2015-0279)

Windows Media Service

1004097* - Media Services Stack-based Buffer Overflow Vulnerability

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

1003802* - Directory Server – Microsoft Windows Active Directory