Update Details
Update #3092 (08/17/2018)
10 deprecated signatures:
| HIGH | DOS:WINDOWS:WINNUKE-NETBIOS | DOS: WinNuke (netbios) | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
| LOW | SCAN:CYBERCOP:FINGER-QUERY | SCAN: Cybercop Finger Query | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
| HIGH | IP:SRC-ROUTE-OF | IGMP: Source Route Overflow | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
| HIGH | DOS:IP:IGMP-OVERSIZE | DOS: IGMP Oversize | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
| HIGH | NETBIOS:DOS:RFPOISON | NETBIOS RFPoision DOS Attack | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
| MEDIUM | FINGER:USER:ROOT | FINGER: User "root" | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
| MEDIUM | HTTP:STC:CLSID:ACTIVEX:WH32-OF | HTTP: WinHelp32.exe Remote Buffer Overrun | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
| MEDIUM | SMB:MS-WIN-2000-LANMAN-UDP-DOS | SMB: Microsoft Windows 2000 Lanman UDP Denial of Service | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
| MEDIUM | FINGER:USER:SLASH-FILE | FINGER: / File Query | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
| INFO | SCAN:MISC:HTTP:FINGER-PROBE | SCAN: Finger Probe | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
Customers are suggested to remove the deprecated signatures from the IDP policy, if they are explicitly configured, other than Dynamic groups
1 new signature:
| HIGH | HTTP:STC:IE:CVE-2018-8371-MC | HTTP: Microsoft Scripting Engine CVE-2018-8371 Memory Corruption |
Details of the signatures included within this bulletin:
HTTP:STC:IE:CVE-2018-8371-MC - HTTP: Microsoft Scripting Engine CVE-2018-8371 Memory Corruption
Severity: HIGH
Description:
This signature detects an attempt to exploit a known vulnerability against Microsoft Scripting Engine. Successful exploitation could allow an attacker to execute arbitrary code.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1
References:
- cve: CVE-2018-8371