Juniper Networks

Update Details

Security Intelligence Center

Update #2998 (10/12/2017)

7 new signatures:

HIGH - HTTP:STC:IE:MS-CVE-2017-8755-MC - HTTP: Microsoft Edge Scripting Engine CVE-2017-8755 Remote Memory Corruption
HIGH - HTTP:STC:IE:MS-CVE-2017-8740-MC - HTTP: Microsoft Edge Scripting Engine CVE-2017-8740 Remote Memory Corruption
MEDIUM - SMB:SAMBA:SAMBA-SMB1-ID - SMB: Samba SMB1 Information Disclosure
HIGH - APP:MISC:ELASTICSEARCH-DESER - APP: Elastic Elasticsearch ThrowableObjectInputStream Insecure Deserialization
HIGH - HTTP:STC:IE:CVE-2017-8734-OOB - HTTP: Microsoft Edge COptionsCollectionCacheItem Out of Bounds Read
MEDIUM - HTTP:STC:DL:MS-CVE-2017-8676-ID - HTTP: Microsoft Windows Graphics Component CVE-2017-8676 Information Disclosure
HIGH - APP:GAME:HEROS-OF-MAGIC-BOF - APP: Heros Of Might And Magic Buffer Overflow

1 renamed signature:

TFTP:OPEN-TFTP-SERVER-ERROR-PKT-HANDL-BO -> TFTP:OPEN-TFTP-SERVER-ERROR-BO


Details of the signatures included within this bulletin:


HTTP:STC:IE:MS-CVE-2017-8755-MC - HTTP: Microsoft Edge Scripting Engine CVE-2017-8755 Remote Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit a known vulnerability against Microsoft Edge. Successful exploitation of this issue may grant an attacker remote code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 100778
  • cve: CVE-2017-8755

SMB:SAMBA:SAMBA-SMB1-ID - SMB: Samba SMB1 Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability in the SMB1 component of Samba. Successful exploitation results in the disclosure of server memory contents into the file that is being written to.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.1.110110719, mx-11.4, mx-16.1, srx-17.3, vmx-17.4, isg-3.4.139899, j-series-9.5, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2017-12163

HTTP:STC:IE:MS-CVE-2017-8740-MC - HTTP: Microsoft Edge Scripting Engine CVE-2017-8740 Remote Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit a known vulnerability against Microsoft Edge. Successful exploitation of this issue may grant an attacker remote code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 100763
  • cve: CVE-2017-8740

APP:MISC:ELASTICSEARCH-DESER - APP: Elastic Elasticsearch ThrowableObjectInputStream Insecure Deserialization

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in Elastic Elasticsearch. Successful exploitation could result in arbitrary code execution with the privileges of the affected Java process.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2015-5377

HTTP:STC:IE:CVE-2017-8734-OOB - HTTP: Microsoft Edge COptionsCollectionCacheItem Out of Bounds Read

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in Microsoft Edge. Successful exploitation could lead to arbitrary code execution in the security context of the target user.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 100738
  • cve: CVE-2017-8734

HTTP:STC:DL:MS-CVE-2017-8676-ID - HTTP: Microsoft Windows Graphics Component CVE-2017-8676 Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability in the Graphics Device Interface component of Microsoft Windows. Successful exploitation could result in disclosure of information which could be used to further compromise the target system.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 100755
  • cve: CVE-2017-8676

TFTP:OPEN-TFTP-SERVER-ERROR-BO - TFTP: OpenTFTP Server Error Packet Handling Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against the OpenTFTP Server. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2008-2161
  • bugtraq: 29111

Affected Products:

  • TFTP Server SP 1.4

APP:GAME:HEROS-OF-MAGIC-BOF - APP: Heros Of Might And Magic Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a buffer overflow vulnerability in Heroes of Might and Magic III. A remote attacker can use this vulnerability to execute shellcode remotely.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.