Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #3117 (11/15/2018)

1 new signature:

MEDIUMHTTP:STC:DL:CVE-2018-8589-EOPHTTP: Microsoft Win32k CVE-2018-8589 Elevation of Privilege

3 new application2 signatures:

Web:OPERA-TURBOOpera turbo is the protocol used for the Opera browser.
Infrastructure:HPE-SIMHPE Insight Manager is an inventory and health monitoring software for HP enterprise class hardware and have basic support for other vendors. This plugin classify flows to the web UI, iLo, Linux servers running WBEM, and Windows servers with WMI.
Web:DATA-SAVERData Saver is an optional feature in Chrome. When activated, HTTP traffic will go through Google's proxy servers that will reduce traffic by compressing and optimizing data. By default, the connection to Google proxy servers is over HTTP/2 and encrypted. If the URL http://check.googlezip.net/connect is blocked, the connection to the proxy servers will be over HTTP/1.1 and unencrypted. HTTPS and traffic generated from Incognito mode won't be proxied. Data Saver can be activated in Chrome's settings on Android or through a Chrome extension on PC. Data Saver is not available on iOS.


Details of the signatures included within this bulletin:

HTTP:STC:DL:CVE-2018-8589-EOP - HTTP: Microsoft Win32k CVE-2018-8589 Elevation of Privilege

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Windows Win32k. A successful attack can lead to elevation of privileges.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8589

Web:OPERA-TURBO - OPERA-TURBO

Description:

Opera turbo is the protocol used for the Opera browser.

Supported On:

mx-11.4, srx-12.1, srx-branch-12.1, vsrx-15.1

Infrastructure:HPE-SIM - HPE-SIM

Description:

HPE Insight Manager is an inventory and health monitoring software for HP enterprise class hardware and have basic support for other vendors. This plugin classify flows to the web UI, iLo, Linux servers running WBEM, and Windows servers with WMI.

Supported On:

mx-11.4, srx-12.1, srx-branch-12.1, vsrx-15.1

Web:DATA-SAVER - DATA-SAVER

Description:

Data Saver is an optional feature in Chrome. When activated, HTTP traffic will go through Google's proxy servers that will reduce traffic by compressing and optimizing data. By default, the connection to Google proxy servers is over HTTP/2 and encrypted. If the URL http://check.googlezip.net/connect is blocked, the connection to the proxy servers will be over HTTP/1.1 and unencrypted. HTTPS and traffic generated from Incognito mode won't be proxied. Data Saver can be activated in Chrome's settings on Android or through a Chrome extension on PC. Data Saver is not available on iOS.

Supported On:

mx-11.4, srx-12.1, srx-branch-12.1, vsrx-15.1

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out