Rule Update
17-045 (September 12, 2017)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
SSH Client
1008580 - OpenSSH Forward Option Handler Buffer Overflow Vulnerability (CVE-2016-0778)
Web Application Common
1005402* - Identified Suspicious User Agent In HTTP Request
1008512 - ImageMagick Denial Of Service Vulnerability (CVE-2017-9261) - 1
1008418* - ImageMagick Memory Corruption Vulnerability (CVE-2016-8862)
1008540 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11644) - 1
1008542 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11724) - 1
Web Client Common
1008511 - ImageMagick Denial Of Service Vulnerability (CVE-2017-9261)
1008539 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11644)
1008541 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11724)
1008604 - Microsoft Windows .NET Framework Remote Code Execution Vulnerability (CVE-2017-8759)
1008602 - Microsoft Windows PDF Library Multiple Remote Code Execution Vulnerabilities (Sep-2017)
1008592 - Microsoft Windows Win32k Graphics Remote Code Execution Vulnerability (CVE-2017-8682)
Web Client Internet Explorer/Edge
1008594 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8731)
1008595 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8734)
1008603 - Microsoft Edge Remote Code Execution Vulnerability (CVE-2017-8757)
1008484* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8601)
1008564 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8634)
1008566 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8640)
1008597 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8738)
1008601 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8753)
1008600 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-8750)
1008598 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-8747)
1008599 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-8749)
Web Server Common
1008581 - Identified Suspicious IP Addresses In XFF HTTP Header
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
SSH Client
1008580 - OpenSSH Forward Option Handler Buffer Overflow Vulnerability (CVE-2016-0778)
Web Application Common
1005402* - Identified Suspicious User Agent In HTTP Request
1008512 - ImageMagick Denial Of Service Vulnerability (CVE-2017-9261) - 1
1008418* - ImageMagick Memory Corruption Vulnerability (CVE-2016-8862)
1008540 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11644) - 1
1008542 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11724) - 1
Web Client Common
1008511 - ImageMagick Denial Of Service Vulnerability (CVE-2017-9261)
1008539 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11644)
1008541 - ImageMagick ReadMATImage Information Disclosure Vulnerability (CVE-2017-11724)
1008604 - Microsoft Windows .NET Framework Remote Code Execution Vulnerability (CVE-2017-8759)
1008602 - Microsoft Windows PDF Library Multiple Remote Code Execution Vulnerabilities (Sep-2017)
1008592 - Microsoft Windows Win32k Graphics Remote Code Execution Vulnerability (CVE-2017-8682)
Web Client Internet Explorer/Edge
1008594 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8731)
1008595 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8734)
1008603 - Microsoft Edge Remote Code Execution Vulnerability (CVE-2017-8757)
1008484* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8601)
1008564 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8634)
1008566 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8640)
1008597 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8738)
1008601 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2017-8753)
1008600 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2017-8750)
1008598 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-8747)
1008599 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-8749)
Web Server Common
1008581 - Identified Suspicious IP Addresses In XFF HTTP Header
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.