* Talos combines our security experts from TRAC, SecApps, and VRT teams.
This SRU number: 2018-01-31-002
Previous SRU number: 2018-01-29-001
Applies to:
This SEU number: 1791
Previous SEU: 1789
Applies to:
This is the complete list of rules added in SRU 2018-01-31-002 and SEU 1791.
The format of the file is:
GID - SID - Rule Group - Rule Message - Policy State
The Policy State refers to each default Sourcefire policy: Connectivity, Balanced and Security.
The default passive policy state is the same as the Balanced policy state with the exception of alert being used instead of drop.
Note: Unless stated explicitly, the rules are for the series of products listed above.
GID | SID | Rule Group | Rule Message | Policy State (Con.) | Policy State (Bal.) | Policy State (Sec.) |
---|---|---|---|---|---|---|
1 | 17663 | SERVER-OTHER | Apple CUPS SGI image decoding buffer overflow attempt | off | off | off |
1 | 45571 | SERVER-OTHER | Commvault Communications Service command injection attempt | off | off | off |
1 | 45574 | MALWARE-CNC | Win.Trojan.xxmm second stage configuration download attempt | off | drop | drop |
3 | 45575 | SERVER-OTHER | Cisco ASA VPN aggregateAuthDataHandler double free attempt | off | drop | drop |
1 | 45576 | BROWSER-FIREFOX | Mozilla Firefox Javascript Function focus overflow attempt | off | off | off |
1 | 45585 | SERVER-WEBAPP | PMSotware Simple Web Server connection header buffer overflow attempt | off | off | off |
1 | 45591 | PROTOCOL-FTP | LabF nfsAxe FTP Client buffer overflow attempt | off | off | off |
GID | SID | Rule Group | Rule Message | Policy State (Con.) | Policy State (Bal.) | Policy State (Sec.) |
---|---|---|---|---|---|---|
1 | 45577 | PROTOCOL-VOIP | Mr.SIP invite request denial of service attempt | off | off | off |
1 | 45578 | PROTOCOL-VOIP | Mr.SIP options request denial of service attempt | off | off | off |
1 | 45579 | PROTOCOL-VOIP | Mr.SIP subscribe request denial of service attempt | off | off | off |
1 | 45580 | PROTOCOL-VOIP | Mr.SIP invite request denial of service attempt | off | off | off |
1 | 45581 | PROTOCOL-VOIP | Mr.SIP options request denial of service attempt | off | off | off |
1 | 45582 | PROTOCOL-VOIP | Mr.SIP subscribe request denial of service attempt | off | off | off |
1 | 45583 | PROTOCOL-VOIP | Mr.SIP SIP servers discovery attempt | off | off | off |
1 | 45584 | PROTOCOL-VOIP | Mr.SIP SIP servers discovery attempt | off | off | off |
1 | 45586 | FILE-MULTIMEDIA | Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt | off | off | off |
1 | 45587 | SERVER-OTHER | Firefly Media Server malformed HTTP request denial of service attempt | off | off | off |
1 | 45588 | SERVER-OTHER | Firefly Media Server malformed HTTP request denial of service attempt | off | off | off |
1 | 45589 | SERVER-OTHER | Firefly Media Server malformed HTTP request denial of service attempt | off | off | off |
1 | 45590 | SERVER-OTHER | Firefly Media Server malformed HTTP request denial of service attempt | off | off | off |