Rule Update
17-050 (October 17, 2017)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Asterisk Server IAX2
1008467 - Asterisk Skinny Denial Of Service Vulnerability (CVE-2017-9358)
DHCPv6 Server
1008651 - Dnsmasq DHCPv6 Buffer Overflow Vulnerability (CVE-2017-14493)
DNS Client
1008650 - Dnsmasq Heap Buffer Overflow Vulnerability (CVE-2017-14491)
HP Intelligent Management Center IMC Syslog Daemon
1008505* - HPE Intelligent Management Center (iMC) Remote Code Execution Vulnerability (CVE-2017-5815)
Microsoft Office
1008661 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826)
1008629 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-8744)
VoIP Smart
1008466 - Asterisk PJSIP Denial Of Service Vulnerability (CVE-2017-9359)
Web Application Common
1008606* - ImageMagick WritePSImage Information Disclosure Vulnerability (CVE-2017-11535) - 1
Web Client Common
1008667 - Adobe Flash Player Type Confusion Vulnerability (CVE-2017-11292)
1008655 - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2017-8717)
1008656 - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2017-8718)
Web Client Internet Explorer/Edge
1008657 - Microsoft Edge Information Disclosure Vulnerability (CVE-2017-11794)
1008153* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-0037)
Web Server Apache
1008127* - Apache Commons File Upload Boundary Denial Of Service Vulnerability (CVE-2016-3092)
Web Server IIS
1004398* - Request Header Buffer Overflow Vulnerability
Web Server Miscellaneous
1008620* - Apache Struts Denial Of Service Vulnerability (CVE-2017-9793)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Asterisk Server IAX2
1008467 - Asterisk Skinny Denial Of Service Vulnerability (CVE-2017-9358)
DHCPv6 Server
1008651 - Dnsmasq DHCPv6 Buffer Overflow Vulnerability (CVE-2017-14493)
DNS Client
1008650 - Dnsmasq Heap Buffer Overflow Vulnerability (CVE-2017-14491)
HP Intelligent Management Center IMC Syslog Daemon
1008505* - HPE Intelligent Management Center (iMC) Remote Code Execution Vulnerability (CVE-2017-5815)
Microsoft Office
1008661 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826)
1008629 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-8744)
VoIP Smart
1008466 - Asterisk PJSIP Denial Of Service Vulnerability (CVE-2017-9359)
Web Application Common
1008606* - ImageMagick WritePSImage Information Disclosure Vulnerability (CVE-2017-11535) - 1
Web Client Common
1008667 - Adobe Flash Player Type Confusion Vulnerability (CVE-2017-11292)
1008655 - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2017-8717)
1008656 - Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2017-8718)
Web Client Internet Explorer/Edge
1008657 - Microsoft Edge Information Disclosure Vulnerability (CVE-2017-11794)
1008153* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-0037)
Web Server Apache
1008127* - Apache Commons File Upload Boundary Denial Of Service Vulnerability (CVE-2016-3092)
Web Server IIS
1004398* - Request Header Buffer Overflow Vulnerability
Web Server Miscellaneous
1008620* - Apache Struts Denial Of Service Vulnerability (CVE-2017-9793)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.