IPS Signature Database Versi: 5.4.25 Date:6 th November, 207 IPS Signature Database Release Notes Versi 5.4.25 ----------------------------------------------------------------------------------------------------------------------------- Release Notes --------------- Release Informati Upgrade Applicable IPS Signature Release Versi 5.4.24 Cyberoam Appliance Models CR35wi, CR35ia, CR25wi, CR25ia, CR25i, CR5wi, CR5i, isd25 Upgrade Informati Upgrade type: Automatic Compatibility Annotatis: Ne Introducti The Release Note document for IPS Signature Database Versi 5.4.25 includes support for the new signatures. The following sectis describe the release in detail. New IPS Signatures The Cyberoam Intrusi Preventi System shields the network from known attacks by matching the network traffic against the signatures in the IPS Signature Database. These signatures are developed to significantly increase detecti performance and reduce the false alarms. Report false positives at support@cyberoam.com alg with the applicati details. This IPS Release includes Twenty Two(22) signatures to address Four(4) vulnerabilities. New signature are added for the following Vulnerabilities: Page of 5 Document Versi.0-6//207
IPS Signature Database Release Notes Versi 5.4.25 Name CVE ID Rev No. Category Severity Applicable from Versi Edge 79 array use after free Edge 837 postmessage use after free Edge 840 scripting engine type cfusi Edge 84 Chakra Closure use after free Edge 845 custom property memory corrupti Edge 846 heap overflow Edge 855 memory corrupti exploitati Edge 858 scripting engine memory corrupti Internet Explorer 856 array memory corrupti FILE-IMAGE Adobe Acrobat 640 Pro malformed CommentExtensi FILE-PDF Adobe Acrobat Reader 6393 XI JavaScript annotati use after free IoT Reaper botnet 79 837 840 84 845 846 855 858 856 640 6393 Applicati and Software Applicati and Software Page 2 of 5 Document Versi.0-6//207
IPS Signature Database Release Notes Versi 5.4.25 IoT Reaper botnet outbound communicati new bot registered post compromise download post compromise download post compromise echo loader OS-WINDOWS Microsoft Windows 847 win32k.sys use after free 847 Operating System and Services Page 3 of 5 Document Versi.0-6//207
IPS Signature Database Release Notes Versi 5.4.25 Name: Name of the Signature. CVE ID: CVE Identificati Number. Comm Vulnerabilities and Exposures (CVE) provides reference of CVE Identifiers for publicly known informati security vulnerabilities. Rev No.: Threat signature revisi number. Category: Class type according to threat. Severity: Degree of severity. The levels of severity are described in the table below: Severity Level Severity Criteria Low 2 Moderate 3 High 4 Critical Applicable from Versi: Threat Signatures are available in a specified Cyberoam Firmware Versi and above. Page 4 of 5 Document Versi.0-6//207
IPS Signature Database Release Notes Versi 5.4.25 Important Notice Cyberoam Technologies Pvt. Ltd. has supplied this Informati believing it to be accurate and reliable at the time of printing, but is presented without warranty of any kind, expressed or implied. Users must take full respsibility for their applicati of any products. Cyberoam Technologies Pvt. Ltd. assumes no respsibility for any errors that may appear in this document. Cyberoam Technologies Pvt. Ltd. reserves the right, without notice to make changes in product design or specificatis. Informati is subject to change without notice. USER S LICENSE Use of this product and document is subject to acceptance of the terms and cditis of Cyberoam End User License Agreement (EULA) and Warranty Policy for Cyberoam UTM Appliances. You will find the copy of the EULA at http://www.cyberoam.com/documents/eula.html and the Warranty Policy for Cyberoam UTM Appliances at http://kb.cyberoam.com. RESTRICTED RIGHTS Copyright 999-205 Cyberoam Technologies Pvt. Ltd. All rights reserved. Cyberoam, Cyberoam logo are trademark of Cyberoam Technologies Pvt. Ltd. Corporate Headquarters Cyberoam Technologies Pvt. Ltd. 90, Silic Tower, Off. C.G. Road, Ahmedabad 380006, INDIA Phe: +9-79-66065606 Fax: +9-79-26407640 Web site: www.cyberoam.com Page 5 of 5 Document Versi.0-6//207