McAfee Host Intrusion Prevention Content 4865




McAfee Host Intrusion Prevention Content 4865
Release Notes
2013-04-09

Below is the updated signature information for the McAfee Host Intrusion Prevention 7.0/8.0 content (version 4865)

New Windows Signatures

Signature 2834: Java - Creation of suspicious files in Temp folder
Description:
- This event indicates an attempt by Java to create suspicious files in temp folder
- This signature is set to level Medium by default.

Signature 2836: Remote Desktop Client Mstscax Remote Code Execution Vulnerability
Description:
- This event indicates an attempt to exploit a vulnerability in Microsoft Remote Desktop Client Mstscax that could allow attackers to execute code remotely (CVE-2013-1296).
- This signature is set to level Low by default.

Signature 2837: Microsoft Antimalware Client Privilege Escalation Vulnerability
Description:
- This event indicates an attempt to exploit a vulnerability in Microsoft Antimalware Client Mstscax that could allow attackers to escalate their privileges on the machine (CVE-2013-0078).
- This signature is set to level Low by default.

Updated Windows Signatures

[BugFix] Signature 2229: Vulnerabilities in Remote Desktop Client Could Allow Remote Code Execution
Description:
- The signature description has been updated with the CVE reference.

[BugFix] Signature 2802: Java Envelope - Creation of suspicious files in Temp folder
Description:
- The signature has been modified to enhance protection.

[BugFix] Signature 6013: Suspicious Function Invocation - CALL Not Found
Description:
- The signature has been modified to reduce false positives.

[BugFix] Signature 6015: Suspicious Function Invocation - Target Address Mismatch
Description:
- The signature has been modified to reduce false positives.

[BugFix]: Compatibility issue with ePO 5.0 has been fixed.

[BugFix]: HIP content has been modified to reduce false positives in Boot time protection.

[Improvement]: Support for Windows 8 and Windows 2012 Server
Description:
- Windows 8 and Windows 2012 Server platform support has been added.
- This requires Host Intrusion Prevention client Version 8.0 Patch 3 and above.

[Improvement]: HIP Content project - Compiler migration to a newer version
Description:
- The compiler has been migrated to a newer version making use of the security features available with the new compiler version.
- The following signatures have been affected

Signature 2201: Vulnerabilities in Windows Search Could Allow Remote Code Execution (CVE-2008-4269)
Signature 2202: Vulnerabilities in GDI Could Allow Remote Code Execution (CVE-2008-2249)
Signature 2207: WMP Vulnerability Could Allow an Authentication Reflection Attack by WMS
Signature 2212: Vulnerabilities in Windows Win32k Kernel Could Allow Remote Code Execution
Signature 2213: Vulnerability in Microsoft Exchange EMSMDB32 Could Allow Denial of Service
Signature 2222: Print Spooler Load Library Vulnerability
Signature 2228: Vulnerability in Workstation Service Could Allow Elevation of Privilege
Signature 2239: Vulnerability in License Logging Server Could Allow Remote Code Execution
Signature 2251: Vulnerability in Windows Shell Handler Could Allow Remote Code Execution
Signature 2272: Possible Print Spooler Service Impersonation Attempt Detected
Signature 2280: Vulnerability in Netlogon RPC Service Could Allow Denial of Service
Signature 2285: Active Directory SPN Validation Vulnerability
Signature 2779: TDSS Rootkit Infection
Signature 2819: Windows Enumerate File Vulnerability
Signature 2830: Block User Creation (This signature is not supported on Windows 2000 Server and 64 bit platforms)
Signature 3727: IE drag and drop file installation
Signature 3728: MSRPC LLSSRV Buffer Overflow
Signature 3730: Windows Explorer MSHTA Script Execution
Signature 3731: URL Decoding Zone Spoofing Vulnerability
Signature 3733: Windows Messenger Service Buffer Overflow
Signature 3734: Print Spooler Service Buffer Overflow
Signature 3735: Plug and Play Buffer Overflow (Zotob)
Signature 3736: Telephony Service Buffer Overflow
Signature 3738: MSDTC RPC Vulnerability
Signature 3739: Windows Plug-and-Play Buffer Overflow Vulnerability 2
Signature 3740: Client Services For Netware Vulnerability
Signature 3741: Windows Metafile Heap Overflow Vulnerability
Signature 3742: Windows Enhanced Metafile Heap Overflow Vulnerability
Signature 3744: Graphics Rendering Engine Vulnerability
Signature 3749: Internet Explorer HTA Execution Vulnerability
Signature 3750: Remote COM Activation by Desktop.ini Vulnerability
Signature 3752: MSDTC RPC DoS Vulnerability
Signature 3757: MSHTA Directory Traversal Vulnerability
Signature 3758: Management Console Vulnerability
Signature 3759: MHTML Parsing Vulnerability
Signature 3760: Internet Explorer FTP Command Injection Vulnerability
Signature 3761: Winsock Hostname Vulnerability
Signature 3762: IE SourceURL NULL Dereference Vulnerability
Signature 3763: Windows Kernel Elevation of Privilege Vulnerability
Signature 3767: Windows Server Service Buffer Overflow Vulnerability (2)
Signature 3768: Windows Server Service Buffer Overflow Vulnerability (Tighter Security)
Signature 3769: Windows Metafile Denial of Service Vulnerability
Signature 3771: Vulnerability in Indexing Service Could Allow Cross-Site Scripting
Signature 3772: Client Services for Netware BO Vulnerability
Signature 3775: Windows Shell Vulnerability in WebViewFolderIcon
Signature 3777: Windows ASN.1 Heap Overflow Vulnerability
Signature 3778: Internet Explorer 7 Address Bar Spoofing Vulnerability
Signature 3780: IPNATHLP.DLL Malformed DNS Denial of Service
Signature 3781: Netware Driver Denial of Service Vulnerability
Signature 3782: Vulnerability in Workstation Service Could Allow Remote Code Execution
Signature 3783: Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution
Signature 3791: Vulnerability in Microsoft Rich Edit and Microsoft MFC
Signature 3792: Vulnerability in Windows Media Player Could Allow Remote Code Execution
Signature 3797: Microsoft Windows Message Queuing Buffer Overflow Vulnerability
Signature 3799: Vulnerability in Windows Media Player ASX PlayList File
Signature 3805: Adobe Download Manager Stack Overflow Vulnerability
Signature 3812: Adobe Reader Plug-in Cross-Site Scripting Vulnerability (2)
Signature 3815: Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege
Signature 3822: Vulnerability in Windows Shell Could Allow Elevation of Privilege
Signature 3825: CAPICOM.DLL Improper Arguments Vulnerability
Signature 3830: Internet Explorer 7 'navcancl' Address Bar Spoofing Vulnerability
Signature 3832: EMF Elevation of Privilege Vulnerability
Signature 3836: GDI Incorrect Parameter Elevation of Privilege Vulnerability
Signature 3838: Windows Animated Cursor Handling vulnerability
Signature 3839: Microsoft Agent URL Parsing Vulnerability
Signature 3840: Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution
Signature 3847: Vulnerability in Win32 API Could Allow Remote Code Execution
Signature 3849: URL Redirect Vulnerability in MHTML Protocol Handler via Internet Explorer
Signature 3850: IE and OE Cross Domain Security Bypass Vulnerability
Signature 3853: Command Injection flaw in IE/Firefox
Signature 3855: Firefox Illegal URL Quotes Vulnerability
Signature 3858: Vulnerability in OLE Automation Could Allow Remote Code Execution
Signature 3864: MS Agent Buffer Overflow Vulnerability
Signature 3865: Vulnerability in Windows UNIX Services could allow elevation of privilege
Signature 3866: Vulnerability in Apple QuickTime 'qtnext' attribute could allow remote code execution
Signature 3868: Vulnerability in ShellExecute Could Allow Remote Code Execution
Signature 3918: Outlook mailto URI Handling Vulnerability
Signature 3924: Vulnerability in Windows GDI32 Could Allow Remote Code Execution
Signature 3926: IBM Lotus Expeditor cai: URI handling Vulnerability
Signature 3939: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution
Signature 3947: OneNote URI Validation Error Vulnerability
Signature 3948: Windows Metafile Remote Code Execution Vulnerability
Signature 3958: Vulnerability in Message Queuing Could Allow Remote Code Execution
Signature 3961: Vulnerability in Server Service Could Allow Remote Code Execution
Signature 3965: Adobe Acrobat util.printf Buffer Overflow
Signature 6001: Suspicious Data Sequence in Javascript
Signature 6026: Vulnerability in Event System could allow Remote Code Execution
Signature 6027: Vulnerability in GDI could allow Remote Code Execution
Signature 6028: Vulnerability in Windows Shell Handler URL Validation Could Allow Remote Code Execution
Signature 6033: Shortcut Icon Loading Vulnerability
Signature 6034: IE createtextrange Vulnerability
Signature 6039: Vulnerability in Windows Could Allow Remote Code Execution using maliciously crafted DVR-MS file

How to Update

You need to check in the update package to the ePO Repository, and then send the updated information to the agents. Please refer to Updating in Chapter 8 of Host Intrusion Prevention Product Guide