Update Details
Update #2996 (10/05/2017)
3 new signatures:
| HIGH | NFS:LINUX-NFS-DOS | NFS: Linux Kernel NFSv4 nfsd PNFS Denial of Service |
| HIGH | APP:MISC:ALLMEDIASERVER-BO | APP: ALLMediaServer 0.8 Buffer Overflow |
| HIGH | APP:MSF-KORDIL-EDMS-AFU | APP: Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload |
1 updated signature:
| HIGH | HTTP:MISC:TM-TDA-RCE | HTTP: Trend Micro Threat Discovery Appliance Remote Command Execution |
Details of the signatures included within this bulletin:
NFS:LINUX-NFS-DOS - NFS: Linux Kernel NFSv4 nfsd PNFS Denial of Service
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability in the NFSv4 component of the Linux Kernel. Successful exploitation will result in a denial-of-service condition.
Supported On:
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
References:
- bugtraq: 99298
- cve: CVE-2017-8797
Affected Products:
- linux linux_kernel 4.11.2
HTTP:MISC:TM-TDA-RCE - HTTP: Trend Micro Threat Discovery Appliance Remote Command Execution
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability against admin_sys_time.cgi script of Trend Micro Threat Discovery Appliancee. A remote authenticated attacker may exploit this vulnerability by sending a crafted request to the vulnerable CGI script. Successful exploitation could lead to arbitrary command injection.
Supported On:
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
References:
- bugtraq: 97610
- cve: CVE-2016-7547
- url: https://asciinema.org/a/112480
Affected Products:
- trendmicro threat_discovery_appliance 2.6.1062
APP:MISC:ALLMEDIASERVER-BO - APP: ALLMediaServer 0.8 Buffer Overflow
Severity: HIGH
Description:
This signature attempts to capture a stack buffer overflow in ALLMediaServer. The vulnerability is caused due to a boundary error within the handling request.
Supported On:
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
APP:MSF-KORDIL-EDMS-AFU - APP: Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability in Kordil EDMS v2.2.60rc3. A successful attack can lead an unauthenticated user to upload arbitrary files to the server
Supported On:
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603