8 new signatures:
HIGH | APP:MISC:EMC-AS-INSECUREOPS | APP: EMC AutoStart Insecure Operations RCE Attempt |
HIGH | APP:HP-INSIGHT-MANAGER-RCE | APP: Hewlett-Packard Insight Manager JMX Remote Method Invocation Remote Code Execution |
MEDIUM | HTTP:STC:ADOBE:CVE-2015-0302-ID | HTTP: Adobe Flash Player CVE-2015-0302 Information Disclosure |
HIGH | SSL:OPENSSL-DTLS-MEMEXHTN_DOS | SSL: OpenSSL DTLS dtls1_buffer_record Denial of Service |
HIGH | HTTP:DIR:MANAGEENGINE | HTTP: ManageEngine Multiple Products File Attachment Directory Traversal |
HIGH | HTTP:CGI:LANDSK-UPLOAD-RCE | HTTP: LANDesk Management Suite Remote Code Execution |
MEDIUM | APP:VINZANT-ARCHTCTR-AUTHWKNESS | APP: Vinzant Global ECS Architectural Authentication Weakness |
HIGH | HTTP:ORACLE:JNLP-CODE-EXEC | HTTP: Oracle Sun Java JRE Arbitrary Code Execution |
3 updated signatures:
HIGH | HTTP:STC:IE:9-UAF-RCE | HTTP: Microsoft Internet Explorer 9 Use-After-Free Remote Code Execution |
HIGH | HTTP:STC:IE:SELECT-ELEMENT-RCE | HTTP: Microsoft Internet Explorer Select Element Remote Code Execution |
HIGH | HTTP:STC:ADOBE:FLASH-CVE15-0308 | HTTP: Adobe Flash Player CVE-2015-0308 Buffer Overflow |
This signature detects attempts to exploit a known vulnerability in the EMC AutoStart application. Successful exploitation could allow an attacker to execute arbitrary code by sending a crafted payload over TCP/8045, which in turn could lead to further attacks.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822
This signature detects attempts to exploit a known vulnerability in Hewlett-Packard Insight Manager. A successful exploit can lead to remote code execution.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822
This signature detects attempts to exploit a known vulnerability in Adobe Flash Player. A successful attack can lead to unauthorized disclosure of sensitive information.
srx-branch-11.4, mx-11.4, idp-4.1.0, mx-9.4, srx-9.2, srx-branch-9.4, j-series-9.5, srx-12.1, srx-branch-12.1, srx-10.0, srx-branch-10.0, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822, srx-11.4
This signature detects attempts to exploit a known vulnerability in OpenSSL DTLS packet handling. A successful attack can result in a denial-of-service condition.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822
This signature detects directory traversal attack attempts on ManageEngine ServiceDesk Plus, AssetExplorer, SupportCenter and IT360. In a successful attack scenario, the attacker can execute arbitrary code with SYSTEM privileges by placing executable files in critical locations.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822
This signature detects attempts to exploit a known flaw in Microsoft Internet Explorer. A successful attack would result in arbitrary code execution.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822
This signature detects attempts to exploit a remote code execution vulnerability in LANDesk Management Suite. Successful exploitation could allow an attacker to execute arbitrary code in the context of the running application.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822
This signature detects attempts to exploit an architectural authentication weakness in the Vinzant Global ECS Agent. In a successful attack scenario, the attacker can execute arbitrary code with SYSTEM privileges by placing executable files in critical locations.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer 9. A successful attack can lead to arbitrary code execution.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822
This signature detects attempts to exploit a known vulnerability in Adobe Flash Player. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.
srx-branch-11.4, mx-11.4, idp-4.1.0, mx-9.4, srx-9.2, srx-branch-9.4, j-series-9.5, srx-12.1, srx-branch-12.1, srx-10.0, srx-branch-10.0, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822, srx-11.4
This signature detects attempts to exploit a security restriction bypass vulnerability in Oracle JRE. Successful exploitation could allow an attacker to execute arbitrary code by crafting a malicious JNLP file, which could lead to further attacks.
idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.5.140773, idp-5.1.110140626, isg-3.5.140842, idp-5.1.110140822