Rule Update
17-054 (November 14, 2017)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Asterisk Server IAX2
1008467* - Asterisk Skinny Denial Of Service Vulnerability (CVE-2017-9358)
DHCPv6 Server
1008651* - Dnsmasq DHCPv6 Buffer Overflow Vulnerability (CVE-2017-14493)
DNS Client
1008650* - Dnsmasq Heap Buffer Overflow Vulnerability (CVE-2017-14491)
HP Intelligent Management Center WSM iNode
1008551* - HPE Intelligent Management Center Multiple Stack Buffer Overflow Vulnerabilities
Microsoft Office
1008695 - Microsoft Word Memory Corruption Vulnerability (CVE-2017-11854)
Remote Desktop Protocol Server
1003716* - Identified Too Many Remote Desktop Protocol (RDP) Connection Request
SSL/TLS Server
1008553* - GnuTLS DN Decoding Double Free Error Denial Of Service Vulnerability (CVE-2015-6251) - Server
Unix Kerberos
1008561 - Kerberos kadmind Policy Null Pointer Dereference Denial Of Service Vulnerability (CVE-2015-8630)
1008473* - MIT Kerberos Recvauth Message Handling Denial Of Service Vulnerability (CVE-2014-5355)
VoIP Smart
1008466* - Asterisk PJSIP Denial Of Service Vulnerability (CVE-2017-9359)
Web Application Common
1008530* - ImageMagick WritePTIFImage Denial Of Service Vulnerability (CVE-2017-11640) - 1
Web Client Common
1008538* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-24) - 5
1004133* - Heuristic Detection Of Malicious PDF Documents
1008716 - Microsoft Excel Memory Corruption Vulnerability (CVE-2017-11878)
1008630 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-8631)
1008708 - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2017-11847)
Web Client Internet Explorer/Edge
1008710 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-11845)
1008704 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11840)
1008705 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11841)
1008701 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11861)
1008706 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11873)
1008696 - Microsoft Internet Explorer And Edge Scripting Engine Information Disclosure Vulnerability (CVE-2017-11791)
1008700 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11837)
1008707 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11843)
1008712 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11846)
1008699 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-11858)
1008697 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-11855)
1008698 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-11856)
1008703 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2017-11869)
Web Proxy Apache
1006244* - Apache HTTP Server 'mod_cache' Module Remote Denial Of Service Vulnerability
Web Server Apache
1008556* - Apache Continuum Arbitrary Command Execution Vulnerability
1008683 - Apache HTTP Server Memory Corruption Vulnerability (CVE-2017-9788)
Web Server SAP
1008615* - SAP Netweaver Disp Work Request Resource Exhaustion Denial Of Service Vulnerability (CVE-2017-9845)
Integrity Monitoring Rules:
1006683* - TMTR-0016: Suspicious Running Processes Detected
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.