Descripción

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Arcserve Unified Data Protection
1008711* - Arcserve Unified Data Protection Management Service Information Disclosure Vulnerability (CVE-2015-4069)


DCERPC Services
1008380* - Microsoft Windows Group Policy Preferences Password Elevation Of Privilege Vulnerability (CVE-2014-1812)
1008713* - Microsoft Windows SMB Server SMBv1 Information Disclosure Vulnerability (CVE-2017-11815)
1008560* - Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8620)


Database Microsoft SQL
1008559* - Microsoft SQL Server Buffer Overflow Vulnerability (CVE-2008-0106)


Directory Server LDAP
1008459* - Samba NDR Parsing Remote Code Execution Vulnerability (CVE-2016-2123)


HP Intelligent Management Center (IMC)
1008806* - HPE Intelligent Management Center FileUploadServlet Directory Traversal Vulnerability (CVE-2017-5794)
1008686* - HPE Operations Orchestration Deserialization Remote Code Execution Vulnerability (CVE-2016-8519)


Mail Server Exim
1008758* - Exim Unix Mailer Multiple Security Vulnerabilities


NFS Server
1008802 - Linux Kernel NFSv4 nfsd PNFS Denial Of Service Vulnerability (CVE-2017-8797)


Network Scanner
1008800 - Bypass Network Scanner Traffic


OpenSSL
1008715* - OpenSSL X.509 IPAddressFamily Extension Parsing Out-Of-Bounds Read Vulnerability (CVE-2017-3735) - Server


Oracle Tuxedo JOLT
1008798* - Oracle Tuxedo Jolt Heap Buffer Overflow Vulnerability (CVE-2017-10278)
1008845* - Oracle Tuxedo Remote Security Vulnerability (CVE-2017-10269)


Symantec Messaging Gateway
1008741* - Symantec Messaging Gateway Remote Code Execution Vulnerability (CVE-2017-6326)


Trend Micro Control Manager
1008760* - Trend Micro Control Manager SQL Injection Vulnerability (CVE-2017-11383)
1008589* - Trend Micro Control Manager cmdHandlerLicenseManager SQL Injection Vulnerability (CVE-2017-11384)


Unix Samba
1008644* - Samba Arbitrary File Write Vulnerability (CVE-2017-12163)


Web Server Common
1008724* - Trend Micro SafeSync For Enterprise 'device_id' 'role' Command Injection Vulnerability
1008723* - Trend Micro SafeSync For Enterprise Command Injection Vulnerability


Web Server Miscellaneous
1008747 - Adobe ColdFusion RMI Registry Insecure Deserialization (CVE-2017-11284)
1008673* - IBM Informix Open Admin Tool Heap Buffer Overflow Vulnerability (CVE-2017-1092)
1008674* - IBM Informix Open Admin Tool Remote Code Execution Vulnerability (CVE-2017-1092)


Web Server Oracle
1008808* - Oracle WebLogic WLS Security Component Remote Code Execution Vulnerabilities


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1002828* - Application - Secure Shell Daemon (SSHD)