payload (any 4.10.x release including and above 4.10.1) and web application (5.x)
IMPORTANT! Some application protocol, client, and web application detectors are supported in Version 5.x only. This Advisory refers to these as FireSIGHT application detectors.
Download the VDB update and obtain update instructions from the Sourcefire Support Site at https://support.sourcefire.com. Note that the time it takes to update the VDB can vary. For more information, see the online help on your appliance or download the Sourcefire 3D System User Guide from the Support Site.
VDB Changelog:
from version 287 (2:09:21 PM on August 10th, 2017 UTC)
to version 290 (6:33:01 PM on September 20th, 2017 UTC)
Service (4.x) and Application Protocol (5.x) Detectors
Total Added: 1
Total Removed: 1
Total Updated: 0
Client Application (4.x) and Client (5.x) Detectors
Total Added: 1
Total Removed: 0
Total Updated: 0
Payload (4.x) and Web Application (5.x) Detectors
Total Added: 14
Total Removed: 6
Total Updated: 0
FireSIGHT Detector Updates (5.x)
Total Added: 310
Total Removed: 4
Total Modified: 0
Operating System Fingerprint Details
Total Added: 7
Total Removed: 0
Total Updated: 44
Operating System and Hardware Fingerprint Details (5.1.x)
Total Added: 8
Total Removed: 0
Total Updated: 0
Vulnerability References
Total Added: 146
Total Removed: 0
Total Updated: 0
Fingerprint References
Total Added: 13
Total Removed: 0
Total Updated: 16
File Type Detectors (5.2.x)
Total Added: 2
Total Removed: 0
Total Updated: 3
Operating System Fingerprint Details:
Microsoft Windows Server 2016 (ID 30965) added
Microsoft Windows Server 2016 (ID 60205) added
Apple Mac OSX Mac OSX 10.12.5 (ID 130064) added
Apple Mac OSX Mac OSX 10.12.6 (ID 130065) added
FreeBSD FreeBSD FreeBSD 10.3 (ID 130066) added
FreeBSD FreeBSD FreeBSD 11.0 (ID 130067) added
Microsoft Windows Server 2016 (ID 130068) added
NetBSD NetBSD NetBSD 1.5, 1.6 (ID 14) updated
FreeBSD FreeBSD FreeBSD 4.6 (ID 30) updated
Microsoft Windows Vista, 7, 8, 8.1, 10, Server 2012, Server 2012 R2, Server 2016 (ID 53) updated
Apple Mac OSX; iOS Mac_OSX 10.5, 10.6, 10.7, 10.8, 10.9 ; iOS 5.1.1, 6.0, 6.1 (ID 924) updated
Apple Mac OSX Mac_OSX 10.5, 10.6, 10.10, 10.11, 10.12 (ID 925) updated
FreeBSD FreeBSD FreeBSD 9.0, 9.1, 10.3, 11.0 (ID 948) updated
Ubuntu or CentOS Linux Linux 13.10, 14.04, 16.04, 16.10 or CentOS 7.2, 7.3 (ID 952) updated
Linux or Google Linux kernel or Android Linux kernel 2.6 or Android 2.2, 2.3 (ID 30901) updated
Linux or Google Linux kernel or Android Linux kernel 2.6 or Android 2.3 (ID 30902) updated
Linux or Google Linux kernel or Android Linux kernel 2.6 or Android 2.2, 2.3 (ID 30903) updated
Linux or VMware or Google Linux kernel or VMWare ESX or Android Linux kernel 2.6 or ESX 4.0 or Android 2.3 (ID 30904) updated
Linux or Google Linux kernel or Android Linux kernel 2.6 or Android 2.3 (ID 30905) updated
Apple Mac OSX or iOS Mac_OSX 10.5, 10.6, 10.7, 10.8 or iOS 7.0, 7.1, 8.1, 8.4, 9.1 (ID 30923) updated
Apple Mac OSX or iOS Mac_OSX 10.5, 10.6, 10.8, 10.9 or iOS 5.0, 5.1, 6.0, 6.1, 7.0, 7.1 (ID 30924) updated
Apple Mac OSX or iOS Mac_OSX 10.5,10.6,10.10,10.11,10.12 or iOS 8.0,8.1,8.2,8.3,8.4,9.0,9.1,9.2,9.3,10.0,10.1,10.2,10.3 (ID 30925) updated
Apple Mac OSX or iOS Mac_OSX 10.5, 10.6 or Apple iOS version 11.0 (ID 30926) updated
Google Android Android 3.2 (ID 30940) updated
Google or Ubuntu or CentOS Android or Linux or Linux Android 2.2,2.3,3.2,4.0,4.1,4.2,4.4,5.0,5.1,7.0 or Linux 11.04,12.10,13.04,13.10,14.04,16.04,16.10 or CentOS 6.3,6.4,7.2,7.3 (ID 30941) updated
Google Android Android 2.2 (ID 30942) updated
Linux or VMware or Google or Amazon Linux kernel or VMware ESX or Android or Kindle Linux kernel 2.6 or ESX 4.0 or Android 2.3 or Kindle 3.0 (ID 30943) updated
Google Android Android 2.2, 4.0 (ID 30944) updated
RIM Blackberry 7.1 (ID 30946) updated
FreeBSD FreeBSD FreeBSD 9.0, 9.1, 10.3, 11.0 (ID 30947) updated
Google Android Android 2.3, 4.0 (ID 30951) updated
Google Android Android 2.3 (ID 30952) updated
Google Android Android 4.0 (ID 30953) updated
Google Android Android 4.0 (ID 30954) updated
Google Android Android 4.1 (ID 30955) updated
RIM Blackberry 7.1 (ID 30956) updated
Google or Ubuntu or CentOS Android; CrOS or Linux or Linux Android 2.3, 4.0, 4.1, 4.2, 4.3, 4.4 ; CrOS 3701.81.2 or Linux 11.04, 12.10, 13.04 or Linux 6.3, 6.4 (ID 30959) updated
Google Android Android 6, 6.0, 7.0, 7.1 (ID 30962) updated
RIM Blackberry 5.0 (ID 30964) updated
Apple Mac OSX or iOS Mac OSX 10.7, 10.8, 10.9, 10.10 ; iOS 7.1 (ID 60191) updated
Apple iOS iOS 3.1, 4.2, 5.0, 5.1, 6.0, 6.1, 7.0, 7.1, 8.0,8.1, 8.2, 8.3, 8.4 (ID 60192) updated
Google Android Android 2.2, 2.3 (ID 60193) updated
Google Android Android 2.3 (ID 60194) updated
Google Android Android 3.2 (ID 60195) updated
Google Android Android 4.0, 4.1, 4.2 (ID 60196) updated
CentOS Linux CentOS 6.3, 6.4, 7.2, 7.3 (ID 60198) updated
Google Android Android 4.4 (ID 60202) updated
Apple iOS iOS 9.0,9.1, 9.2,9.3, 10.0, 10.2 (ID 60203) updated
Apple Mac OSX Mac OSX 10.11, 10.12 (ID 60204) updated
Apple Mac OSX 10.8 (ID 110003) updated
Apple Mac OSX 10.8 (ID 120003) updated
Operating System and Hardware Fingerprint Details (5.1.x):
Google Android Android 7.1.2 (ID 70215) added
Apple iOS iOS 10.3.2 (ID 70216) added
Apple iOS iOS 10.3.2 (ID 70217) added
Apple iOS iOS 10.3.1 (ID 70218) added
Apple iOS iOS 11.0 (ID 70219) added
Apple iOS iOS 11.0 (ID 70220) added
Apple iOS iOS 10.3.3 (ID 70221) added
Apple iOS iOS 10.3.3 (ID 70222) added
Service (4.x) and Application Protocol (5.x) Detectors:
DTLS: Datagram Transport Layer Security, essentially TLS over UDP. added
Applejuice: Obsolete in all product versions removed
Client Application (4.x) and Client (5.x) Detectors:
Applejuice: Peer-to-peer file sharing. added
Payload (4.x) and Web Application (5.x) Detectors:
App.net: A site with many apps for various platforms. removed
BitTorrent Sync: To sync files and folders across devices. removed
For a complete list of new and modified information use this link.
For Assistance:
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information about Cisco ASA devices, see What's New in Cisco Product Documentation.
Subscribe to What's New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and have content delivered directly to your desktop using a reader application. The RSS feeds are a free service. If you have any questions or require assistance with Cisco ASA devices, please contact Cisco Support:
Note: To open a TAC request, you must first register for a Cisco.com user ID.
Once you have a Cisco.com user ID, you may initiate or check on the status of a service request online or by contacting the TAC by phone:
For additional information on obtaining technical support through the TAC, please consult the Technical Support Reference Guide (PDF - 1 MB).
About Talos:
The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. The team's expertise spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.