2 new signatures:
HIGH | HTTP:FREERADIUS-DATAVP-WIMAX-BO | HTTP: FreeRADIUS data2vp_wimax Heap Buffer Overflow |
HIGH | SSL:CISCO-PRIME-PROVISIONING-DT | SSL: Cisco Prime Collaboration Provisioning logconfigtracer.jsp Directory Traversal |
3 updated signatures:
HIGH | HTTP:STC:STREAM:DIRECTX-MJPEG | HTTP: Microsoft DirectX Crafted MJPEG Stream Handling Code Execution |
HIGH | HTTP:STC:DL:REAL-3GP-FILE-MC | HTTP: RealPlayer 3GP File Handling Memory Corruption |
HIGH | HTTP:STC:IE:CVE-2016-7202-RCE | HTTP: Microsoft Internet Explorer CVE-2016-7202 Remote Code Execution |
1 renamed signature:
HTTP:MISC:HTTP-EMPTY-HDR-DOS | -> | HTTP:MISC:EMPTY-HDR-DOS |
This signature detects attempts to exploit a known vulnerability against RealPlayer. A successful attack can result in a server denial of service or arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulerability against HTTP header for known web servers. Using a malicious HTTP client, attackers can send a maliciously crafted request that contains an empty Range or Connection header field to a Web server to crash the Web server daemon; the system must be manually restarted to restore service.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Microsoft DirectX. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
A heap-based buffer overflow vulnerability has been reported in FreeRADIUS. A remote attacker can exploit the vulnerability by sending a crafted RADIUS packet with a malformed WiMAX attribute with the continuation flag set. Successful exploitation could result in arbitrary code execution in the security context of the FreeRADIUS server.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
An information disclosure vulnerability has been reported in Cisco Prime Collaboration Provisioning. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target system. Successful exploitation results in the disclosure of the contents of arbitrary files from the target system.
isg-3.5.141652, idp-5.1.110161014, idp-4.1.110110719, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.4.0, isg-3.5.0, isg-3.4.139899, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, idp-5.0.110130325, mx-11.4, isg-3.4.140032, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609, isg-3.5.141597, idp-5.1.110160603