IPS Signature

Database
Version:
IPS Signature
Database Release
Notes5.11.66
Version 5.11.66
------------------------------------------------------------------------------------------------------------------------------------------Release Notes
Date: 25th May,
2014

Release Information
Upgrade Applicable on
IPS Signature Release

Version 5.11.65

Cyberoam Appliance Models

CR15iNG, CR15wiNG

Upgrade Information
Upgrade type: Automatic

Compatibility Annotations: None

Introduction
The Release Note document for IPS Signature Database Version 5.11.66 includes support for the new
signatures. The following section(s) describe the release in detail.

New IPS Signatures

The Cyberoam Intrusion Prevention System shields the network from known attacks by matching the
network traffic against the signatures in the IPS Signature Database. These signatures are developed
to significantly increase detection performance and reduce the false alarms.

Report false positives at support@cyberoam.com along with the application details.

This IPS Release includes forty one (41) signatures to address twenty one (21) vulnerabilities.

Page 1 of 5

Document Version 1.0-25/5/2014

IPS Signature Database Release Notes Version 5.11.66

----------------------------------------------------------------------------------------------------------------------------- --------------New signatures are added for the following Vulnerabilities:

Name

CVEID

Rev No.

Category

Severity

Applicable from
Version

Adobe
Flash
Player
Shader Memory Corruption
(Published Exploit)

2014-0515

1.0

Exploit

10.04.5 Build 007

Apache Struts ActionForm

ClassLoader
Security
Bypass

2014-0114

1.0

Exploit

10.04.5 Build 007

Apache
Struts
CookieInterceptor
ClassLoader
Security
Bypass

2014-0113

1.0

Exploit

10.04.5 Build 007

Asus RT Series Password

Disclosure Vulnerability

2014-2719

1.0

Exploit

10.04.5 Build 007

Asus RT Series Remote

Code
Execution
Vulnerability

2013-5948

1.0

Exploit

10.04.5 Build 007

Asus RT SWeb Interface

Cross
Site
Scripting
Vulnerability

2014-2925

1.0

Exploit

10.04.5 Build 007

CA ERwin Web Portal

ConfigServiceProvider
Information Disclosure

2014-2210

1.0

Exploit

10.04.5 Build 007

CA ERwin Web Portal

FileAccessServiceProvider
Denial of Service

2014-2210

1.0

Exploit

10.04.5 Build 007

Malware
Backdoor.MSIL.Nikastick.A
Runtime Detection

NA

1.0

Spyware

10.04.5 Build 007

Malware
Backdoor.MSIL.Nuckam.A
Runtime Detection

NA

1.0

Spyware

10.04.5 Build 007

Malware
Backdoor.MSIL.Vonriamt.A
Runtime Detection

NA

1.0

Spyware

10.04.5 Build 007

Malware
Backdoor.Win32.Httneilc.A
Runtime Detection

NA

1.0

Spyware

10.04.5 Build 007

Malware
Backdoor.Win32.Hurix.A
Runtime Detection

NA

1.0

Spyware

10.04.5 Build 007

Malware
Backdoor.Win32.Teabevil.
A Runtime Detection

NA

1.0

Spyware

10.04.5 Build 007

Malware

NA

1.0

Spyware

10.04.5 Build 007

Page 2 of 5

Document Version 1.0-25/5/2014

IPS Signature Database Release Notes Version 5.11.66

----------------------------------------------------------------------------------------------------------------------------- --------------Trojan.Linux.Chikdos.B
Runtime Detection
Malware
Trojan.MSIL.Deedevil.A
Runtime Detection

NA

1.0

Spyware

10.04.5 Build 007

Microsoft Office Chinese

Grammar
Checker
Insecure Library Loading

2014-1756

1.0

Exploit

10.04.5 Build 007

Microsoft
SharePoint
Server Cross-Site Scripting

2014-1754

1.0

Exploit

10.04.5 Build 007

Mozilla Firefox TypeObject

Use
After
Free
Vulnerability

2014-1512

1.0

Exploit

10.04.5 Build 007

Oracle
Java
System.arraycopy
Race
Condition Vulnerability

2014-0456

1.0

Exploit

10.04.5 Build 007

Oracle MySQL Server

XPath Denial Of Service

2014-0384

1.0

Exploit

10.04.5 Build 007

Page 3 of 5

Document Version 1.0-25/5/2014

IPS Signature Database Release Notes Version 5.11.66

----------------------------------------------------------------------------------------------------------------------------- --------------

Name: Name of the Signature

CVEID: CVE Identification Number - Common Vulnerabilities and Exposures (CVE) provides
reference of CVE Identifiers for publicly known information security vulnerabilities.

Rev No.: Threat signature revision number

Category: Class type according to threat

Severity: Degree of severity - The levels of severity are described in the table below:

Severity Level

Severity Criteria

Low

Moderate

High

Critical

Applicable from Version: Threat Signatures are available in a specified Cyberoam Firmware
Version and above.

Page 4 of 5

Document Version 1.0-25/5/2014

IPS Signature Database Release Notes Version 5.11.66

----------------------------------------------------------------------------------------------------------------------------- ---------------

Important Notice
Cyberoam Technologies Pvt. Ltd. has supplied this Information believing it to be accurate and reliable at the time of printing, but is
presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products.
Cyberoam Technologies Pvt. Ltd. assumes no responsibility for any errors that may appear in this document. Cyberoam
Technologies Pvt. Ltd. reserves the right, without notice to make changes in product design or specifications. Information is subject
to change without notice.

USERS LICENSE
Use of this product and document is subject to acceptance of the terms and conditions of Cyberoam End User License Agreement
(EULA) and Warranty Policy for Cyberoam UTM Appliances.
You will find the copy of the EULA at http://www.cyberoam.com/documents/EULA.html and the Warranty Policy for Cyberoam UTM
Appliances at http://kb.cyberoam.com.

RESTRICTED RIGHTS
Copyright 1999 - 2014 Cyberoam Technologies Pvt. Ltd. All rights reserved. Cyberoam, Cyberoam logo are trademark of Cyberoam
Technologies Pvt. Ltd.

Corporate Headquarters
Cyberoam Technologies Pvt. Ltd.
901, Silicon Tower, Off. C.G. Road,
Ahmedabad 380006, INDIA
Phone: +91-79-66065606
Fax: +91-79-26407640
Web site: www.cyberoam.com

Page 5 of 5

Document Version 1.0-25/5/2014