Rule Update
17-055 (November 21, 2017)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1008660 - Microsoft Windows SMB Out-Of-Bounds Read Denial Of Service Vulnerability (CVE-2017-11781)
Microsoft Office
1008746 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-11882)
OpenSSL
1008715 - OpenSSL X.509 IPAddressFamily Extension Parsing Out-Of-Bounds Read Vulnerability (CVE-2017-3735) - Server
OpenSSL Client
1008714 - OpenSSL X.509 IPAddressFamily Extension Parsing Out-Of-Bounds Read Vulnerability (CVE-2017-3735) - Client
Solr Service
1008691 - Apache Solr XML External Entity Expansion Remote Code Execution (CVE-2017-12629)
Web Application PHP Based
1008548 - PHP Session Data Injection Vulnerability (CVE-2016-7125)
Web Client Common
1008739 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 1
1008744 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 2
1008743 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 3
1008745 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 4
1008735 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 5
1008736 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 6
1008740 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 7
1008738 - Adobe Flash Player Multiple Security Vulnerabilities (APSB17-33)
Web Server Miscellaneous
1007532* - JBoss Application Server Unauthenticated Remote Command Execution Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1008660 - Microsoft Windows SMB Out-Of-Bounds Read Denial Of Service Vulnerability (CVE-2017-11781)
Microsoft Office
1008746 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-11882)
OpenSSL
1008715 - OpenSSL X.509 IPAddressFamily Extension Parsing Out-Of-Bounds Read Vulnerability (CVE-2017-3735) - Server
OpenSSL Client
1008714 - OpenSSL X.509 IPAddressFamily Extension Parsing Out-Of-Bounds Read Vulnerability (CVE-2017-3735) - Client
Solr Service
1008691 - Apache Solr XML External Entity Expansion Remote Code Execution (CVE-2017-12629)
Web Application PHP Based
1008548 - PHP Session Data Injection Vulnerability (CVE-2016-7125)
Web Client Common
1008739 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 1
1008744 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 2
1008743 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 3
1008745 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 4
1008735 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 5
1008736 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 6
1008740 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-36) - 7
1008738 - Adobe Flash Player Multiple Security Vulnerabilities (APSB17-33)
Web Server Miscellaneous
1007532* - JBoss Application Server Unauthenticated Remote Command Execution Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.