本升级包为引擎升级包，支持在固件版本为5.6.6.85，引擎版本为5.6.6.85及其以后的所有标准版本（非定制版本）基础上进行升级。本升级包为全量升级包，升级后固件版本不变，引擎版本变更为5.6.6.183。

本升级包新增/改进功能：
1.安全性问题修复
2.稳定性问题修复

注意事项：
1.本升级包升级过程不会影响设备当前任何配置；
2.本升级包升级完成后自动重启引擎生效，会导致通过设备的会话中断，请选择合适的时间进行设备升级；
3.本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.6.85 and engine version of 5.6.6.85 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.6.183.

New or Improved Functions in This Upgrade Package:
1.Security bug fixes
2.Stability bug fixes

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

本升级包为引擎升级包，支持在固件版本5.6.6.85，引擎版本为5.6.6.180上进行升级。本升级包为增量升级包，升级后固件版本不变，引擎版本变更为5.6.6.182。

本升级包新增/改进功能：
1.修复PHP multipart/form-data头部解析远程拒绝服务漏洞。

注意事项：
1.本升级包升级过程不会影响设备当前任何配置；
2.本升级包升级完成后需要手动刷新WEB页面；
3.本升级包升级完成后自动重启引擎生效，会导致通过设备的会话中断，请选择合适的时间进行设备升级；
4.本升级包不能回退至5.6.6.182以前版本；

This is an engine upgrade package, which can be used to perform upgrade based on standard devices with the firmware version of 5.6.6.85 and engine version of5.6.6.180.This upgrade package is an incremental upgrade package.After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.6.182.
New or Improved Functions in This Upgrade Package:
1.Fix PHP multipart/form - data parsing head remote denial of service vulnerability

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.
3. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
4.The upgrade package can not fall back to the previous version below the 5.6.6.182 .

本升级包为引擎升级包，支持在固件版本为5.6.6.85，引擎版本为5.6.6.85及其以后的所有标准版本（非定制版本）基础上进行升级。本升级包为全量升级包，升级后固件版本不变，引擎版本变更为5.6.6.180。

本升级包新增/改进功能：
1.优化对DNS报文的检测
2.优化日志上传功能
3.优化支持中文安全区名称
4.优化Snmp Agent功能
5.修复DTLS segmentation fault in dtls1_get_record漏洞(CVE-2014-3571)
6.修复no-ssl3 configuration sets method to NULL漏洞 (CVE-2014-3569)
7.修复ECDHE silently downgrades to ECDH [Client]漏洞 (CVE-2014-3572)
8.修复RSA silently downgrades to EXPORT_RSA [Client]漏洞 (CVE-2015-0204)
9.修复Certificate fingerprints can be modified漏洞 (CVE-2014-8275)
10.修复Bignum squaring may produce incorrect results漏洞 (CVE-2014-3570)

注意事项：
1.本升级包升级过程不会影响设备当前任何配置；
2.本升级包升级完成后自动重启引擎生效，会导致通过设备的会话中断，请选择合适的时间进行设备升级；
3.本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.6.85 and engine version of 5.6.6.85 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.6.180.

New or Improved Functions in This Upgrade Package:
1.Improve the function about detection of DNS packet.
2.Improve the function of log uploading.
3.Improve modify security zone use Chinese name.
4.Improve Snmp Agent.
5.Fix of "DTLS segmentation fault in dtls1_get_record(CVE-2014-3571)"
6.Fix of "no-ssl3 configuration sets method to NULL(CVE-2014-3569)"
7.Fix of "ECDHE silently downgrades to ECDH [Client](CVE-2014-3572)"
8.Fix of "RSA silently downgrades to EXPORT_RSA [Client](CVE-2015-0204)"
9.Fix of "Certificate fingerprints can be modified(CVE-2014-8275)"
10.Fix of "Bignum squaring may produce incorrect results(CVE-2014-3570)"

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

本升级包为引擎升级包，支持在固件版本为5.6.6.85，引擎版本为5.6.6.85及以后的所有版本的基础上升级（定制的除外）。
本升级包为全量升级包，升级后，固件版本不变，引擎版本变更为5.6.6.179。
本版本主要做了如下修改：
1.更新web
2.更新在线升级功能
3.更新规则[30647]GNU Bash 环境变量远程命令执行漏洞(CVE-2014-6271)
4.更新sql注入白名单功能
5.更新Ackflood功能

注意：
1.本升级包升级过程不会影响设备当前任何配置；
2.本升级包升级完成后自动重启引擎生效，会导致通过设备的会话中断，请选择合适的时间进行设备升级；
3.本升级包升级完成后也会重启Apache，请手动刷新页面

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.6.85 and engine version of 5.6.6.85 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.6.179.
1.update web
2.update online-upgrade
3.modify rule[30647],CVE-2014-6271
4.update the fuction of sql-inject white list
5.update AckFlood

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed,the Apache also be restarted， you need to manually refresh the web page of the web-based manager.

本升级包为引擎升级包，支持在固件版本为5.6.6.85，引擎版本为5.6.6.85及其以后的所有标准版本（非定制版本）基础上进行升级。本升级包为全量升级包，升级后固件版本不变，引擎版本变更为5.6.6.178。

本升级包新增/改进功能：
1.修复bash环境变量远程命令执行漏洞(CVE-2014-7169）
2.修复bash环境变量远程命令执行漏洞（CVE-2014-6271）
3.修复SSL 3.0 POODLE攻击信息泄露漏洞(CVE-2014-3566)

注意事项：
1.本升级包升级过程不会影响设备当前任何配置；
2.本升级包升级完成后自动重启引擎生效，会导致通过设备的会话中断，请选择合适的时间进行设备升级；
3.本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.6.85 and engine version of 5.6.6.85 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.6.178.

New or Improved Functions in This Upgrade Package:
1.Fix of "remote code execution through bash(CVE-2014-6271)"
2.Fix of "remote code execution through bash(CVE-2014-7169)"
3.Fix of "POODLE attacks on SSLv3(CVE-2014-3566 )"

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

本升级包为引擎升级包，支持在固件版本为5.6.6.85，引擎版本为5.6.6.85及其以后的所有标准版本（非定制版本）基础上进行升级。本升级包为全量升级包，升级后固件版本不变，引擎版本变更为5.6.6.176。

本升级包新增/改进功能：
1.更新规则[50376]HTTP协议Content Length头选项字段超长；
2.更新规则[50141]在线流媒体PPStream网络电视连接；
3.更新规则[50102]即时通信软件QQ访问游戏平台；
4.更新防病毒模块中白名单功能；
5.完善邮件附件扫描功能；
6.完善Snmp Agent功能；
7.增加Ack Flood检测功能；
8.更新WEB。

注意事项：
1.本升级包升级过程不会影响设备当前任何配置；
2.本升级包升级完成后自动重启引擎生效，会导致通过设备的会话中断，请选择合适的时间进行设备升级；
3.本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.6.85 and engine version of 5.6.6.85 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.6.176.

New or Improved Functions in This Upgrade Package:
1.Update rule[50376]Http Content Length Too Long;
2.Update rule[50141]Online Streaming Media PPStream Network TV Connect;
3.Update rule[50102]Instant Messaging Software QQ Game Access Platform;
4.Update whitelist function in AntiVirus module;
5.Improve the scan of e-mail attachments;
6.Improve Snmp Agent;
7.Increase Ack Flood detection;
8.Update WEB.
Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

本升级包为引擎升级包，支持在固件版本为5.6.6.85，引擎版本为5.6.6.85及其以后的所有标准版本（非定制版本）基础上进行升级。本升级包为全量升级包，升级后固件版本不变，引擎版本变更为5.6.6.170。

本升级包新增/改进功能：
--修复OpenSSL SSL/TLS MITM 漏洞 (CVE-2014-0224)
--修复OpenSSL dtls1_get_message_fragment函数拒绝服务漏洞 (CVE-2014-0221)
--修复OpenSSL DTLS无效片段漏洞 (CVE-2014-0195)
--修复OpenSSL 'so_ssl3_write()'函数空指针间接引用拒绝服务漏洞（CVE-2014-0198）
--修复SSL_MODE_RELEASE_BUFFERS会话注入或拒绝服务漏洞（CVE-2010-5298）
--修复OpenSSL 匿名ECDH拒绝服务漏洞 (CVE-2014-3470)
--修复日志记录时间误差问题

注意事项：
1.本升级包升级过程不会影响设备当前任何配置；
2.本升级包升级完成后自动重启引擎生效，会导致通过设备的会话中断，请选择合适的时间进行设备升级；
3.本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.6.85 and engine version of 5.6.6.85 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.6.170.

New or Improved Functions in This Upgrade Package:
--Fix of "OpenSSL SSL/TLS MITM Vulnerability (CVE-2014-0224)"
--Fix of "OpenSSL dtls1_get_message_fragment Function Denial-of-Service Vulnerability (CVE-2014-0221)"
--Fix of "OpenSSL DTLS Invalid Fragment Vulnerability (CVE-2014-0224)"
--Fix of "OpenSSL 'so_ssl3_write()' Function NULL Pointer Indirect Dereference Denial-of-Service Vulnerability (CVE-2014-0198)"
--Fix of "SSL_MODE_RELEASE_BUFFERS Session Injection or Denial-of-Service Vulnerability (CVE-2010-5298)"
--Fix of "OpenSSL Anonymous ECDH Denial-of-Service Vulnerability (CVE-2014-3470)"
--Fix the problem of logging time deviation

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

完善内置Bypass功能；
完善首页接口流量信息；
更新IMAP协议解码器；
更新FTP弱口令解码器；
更新雅虎解码器；
WEB优化。

Improvement of the Built-in Bypass Function;
Improvement of Interface Traffic Data on the Home Page;
Update of the IMAP Decoder;
Update of the FTP Weak Password Decoder;
Update of Yahoo Decoder;
Web Optimization.

增强反病毒功能；
增强URL过滤功能；
增强WEB信誉功能；
增强SQL注入检测；
增强IPS与安全中心连接；
增强FTP解码；
增强流量分析功能；
增强日志系统功能；
WEB优化。

Enhancement in Anti-virus;
Refinement in URL filtering;
Promotion in Web reputation;
Higher-performance in SQL injection detection;
Enhancement in the connection of IPS and security center;
Advancement in FTP decoding;
Major updates to traffic analysis;
Enrichment in the log system;
Improvement in Web optimization;

更新 SQL注入 检测规则
更新 [30242] 服务器端口扫描－TCP端口扫描
更新 [20911] Microsoft Windows柯达图像查看器远程代码执行攻击(MS07-055)
更新 [21202] Adobe Flash Player "SWF"文件远程内存破坏漏洞
新增 [22487] Oracle Database身份验证协议离线口令破解漏洞
新增 [22499] BigAnt IM服务器USV请求栈溢出漏洞
新增 [21125] Microsoft Word RTF文件解析栈溢出漏洞
新增 [20898] 雅虎通YVerInfo.dll ActiveX控件远程栈缓冲区溢出攻击
新增 [20899] Macrovision InstallShield Update Service ActiveX非授权下载执行任意程序攻击
新增 [20655] NIPrint LPD打印服务程序远程缓冲区溢出攻击
新增 [20957] Symantec Backup Exec调度程序ActiveX栈溢出攻击
新增 [20282] VanDyke SecureCRT SSH1协议处理远程缓冲区溢出攻击
新增 [20706] Intervations FileCopa LIST命令远程缓冲区溢出攻击
新增 [20607] Simple PHP Blog上传脚本文件执行代码攻击
新增 [20592] Epic Games Unreal Engine Secure Query缓冲区溢出攻击
新增 [20611] TFTPD服务超长文件名远程缓冲区溢出攻击
新增 [20619] Apple Mac OS X AppleFileServer预验证远程缓冲区溢出攻击
新增 [22506] Invision Power Board le 3.3.4 unserialize() PHP代码执行漏洞
新增 [22500] Scrutinizer默认密码安全限制绕过漏洞
新增 [20626] SoftCart SoftCart.exe CGI远程缓冲区溢出攻击
新增 [20623] BomberClone错误消息处理远程缓冲区溢出攻击
新增 [20635] CA License Client GETCONFIG请求缓冲区溢出攻击
新增 [30582] H3C及Huawei SNMP访问控制信息泄露漏洞
新增 [20973] Facebook PhotoUploader ActiveX控件超长属性参数栈溢出攻击
新增 [22543] lighttpd畸形HTTP Connection域处理拒绝服务漏洞
新增 [20615] PAJAX pajax_call_dispatcher.php远程执行命令攻击
新增 [20565] Nullsoft SHOUTcast文件请求远程格式串攻击
新增 [20968] Creative软件自动升级引擎ActiveX控件栈溢出攻击
新增 [20901] SonicWALL SSL-VPN ActiveX控件远程缓冲区溢出攻击
新增 [22588] Samsung打印机固件管理账号后门
新增 [22587] CA ARCserve Backup RPC Services RPC请求任意代码执行漏洞
新增 [20534] Mercury/32 IMAP RENAME命令远程缓冲区溢出攻击
增强IPv6支持，新增ping6, tracerout6 等诊断工具的支持
账号管理允许登陆IP可支持多个IP地址

Update SQL injection rules
Update [30242]Server Port Scan - Normal Scan
Update [20911] Microsoft Windows Kodak Image Viewer Remote Code Execution (MS07-055)
Update [21202] Adobe Flash Player "SWF" File Remote Memory Corruption Vulnerability
Add [22487] Oracle Database Authentication ProtocolSecurity Bypass Vulnerability
Add [22499] BigAnt IM server USV requests to stack overflow vulnerability
Add [21125] Microsoft Word RTF File Parsing Stack Buffer Overflow Vulnerability
Add [20898] Yahoo! Messenger YVerInfo.dll ActiveX Control Remote Stack Buffer Overflow
Add [20899] Macrovision InstallShield Update Service ActiveX Unauthorized Arbitrary Program Execution
Add [20655] NIPrint LPD Spooler Remote Buffer Overflow
Add [20957] Symantec Backup Exec Scheduler ActiveX stack overflow
Add [20282] VanDyke SecureCRT SSH1 Protocol Handling Remote Buffer Overflow
Add [20706] Intervations FileCopa LIST Command Remote Buffer Overflow
Add [20607] Simple PHP Blog Upload Script Code Execution
Add [20592] Epic Games Unreal Engine Secure Query Buffer Overflow
Add [20611] TFTPD Service Over-long Filename Remote Buffer Overflow
Add [20619] Apple Mac OS X AppleFileServer Pre-authentication Remote Buffer Overflow
Add [22506] Invision Power Board le 3.3.4 unserialize () PHP Code Execution Vulnerability
Add [22500] Scrutinizer Default Password Security Restriction Bypass Vulnerability
Add [20626] SoftCart SoftCart.exe CGI Remote Buffer Overflow
Add [20623] BomberClone Error Message Handling Remote Buffer Overflow
Add [20635] CA License Client GETCONFIG Request Buffer Overflow
Add [30582] HP/H3C and Huawei SNMP Weak Access to Critical Data
Add [20973] Facebook Photo Uploader ImageUploader FileMask Method ActiveX Buffer Overflow Attack
Add [22543] Encryption detect the lighttpd malformed HTTP Connection Domain Processing Denial of Service Vulnerability
Add [20615] PAJAX pajax_call_dispatcher.php Remote Code Execution
Add [20565] Nullsoft SHOUTcast File Request Remote Format String Vulnerability
Add [20968] Creative Software AutoUpdate Engine ActiveX Control Stack Overflow
Add [20901] SonicWALL SSL-VPN ActiveX Control Remote Buffer Overflow
Add [22588] Samsung printer firmware management account backdoor
Add [22587] CA ARCserve Backup RPC Services RPC arbitrary code execution vulnerability
Add [20534] Mercury/32 IMAP RENAME Command Remote Buffer Overflow
Enhance IPv6 support, add diagnostic tools such as ping6, tracerout6
Account management rule of limiting access support multiple IP addresses

改进规则[21352]WEB服务远程SQL注入查询数据库信息
改进规则[29001]WEB服务远程SQL注入攻击可疑行为
修改日志归并算法

updated rule [21352]WEB Service Remote SQL Injection Query The Database Information
updated rule [29001]WEB Service Remote SQL Injection Suspicious Behavior
modified the merge algorithm of ips log

添加规则[22470] phpMyAdmin server_sync.php 远程后门漏洞


Add rule[22470] phpMyAdmin server_sync.php remote backdoor vulnerability

修改 SNMP MIB
更新规则[22264]Apache Struts2 XWork绕过安全限制执行任意命令攻击
更新规则[10321]SSL重协商及资源消耗非对称性导致的分布式拒绝服务攻击

update SNMP MIB
update rule [22264]Apache Struts2 XWork Bypass Security Restrictions To Execute Arbitrary Commands Attack
update rule [10321]SSL-RENEGOTIATION and Asymmetric Property Ddos

新增规则[22249] PHP-CGI远程源码泄露和任意代码执行漏洞
新增规则[21675] CVE-2012-0158 Microsoft MSCOMCTL.OCX远程代码执行漏洞(MS12-027)
新增规则[21674] CVE-2012-0170 Microsoft Internet Explorer OnReadyStateChange远程代码执行漏洞(MS12-023)
新增规则[21673] CVE-2012-0171 Microsoft Internet Explorer SelectAll远程代码执行漏洞(MS12-023)
新增规则[21672] CVE-2012-0172 Microsoft Internet Explorer VML Style远程代码执行漏洞(MS12-023)
新增规则[21671] CVE-2012-0177 Microsoft Office WPS Converter堆溢出漏洞(MS12-028)
更新规则[50084]即时通信软件MSN用户发送消息
更新规则[50085]即时通信软件MSN用户接收消息
更新规则[50451]网易视频在线流媒体播放
更新ping会话控制功能
首次登陆设备提示更改默认密码

Add rule [22249] PHP-CGI Remote Source Disclosure And Arbitrary Code Execution Vulnerability
Add rule [21675] CVE-2012-0158 Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability(MS12-027)
Add rule [21674] CVE-2012-0170 Microsoft Internet Explorer OnReadyStateChange Remote Code Execution Vulnerability(MS12-023)
Add rule [21673] CVE-2012-0171 Microsoft Internet Explorer SelectAll Remote Code Execution Vulnerability(MS12-023)
Add rule [21672] CVE-2012-0172 Microsoft Internet Explorer VML Style Remote Code Execution Vulnerability(MS12-023)
Add rule [21671] CVE-2012-0177 Microsoft Office WPS Converter Heap Overflow Vulnerability(MS12-028)
Update rule [50084]Instant Messaging Software MSN User Sending Messages
Update rule [50085]Instant Messaging Software MSN User Receiving Messages
Update rule [50451]NetEase Video Online Streaming Media Playing
Update ping session control19584
Be prompted to change the initial password the first time sign-on to the IPS

新增规则[21458]Remote Desktop Protocol中远程代码执行漏洞(CVE-2012-0002)(MS12-020)
新增SNMP暴力猜测检测规则
本升级包（5.6.6.116）需要在固件版本5.6.6.85的基础上使用

Add [21458]Remote Desktop Protocol Remote Code Execution Vulnerability(CVE-2012-0002)(MS12-020)
add SNMP Brute force attacks rule
This upgrade package(5.6.6.116) requires 5.6.6.85 firmare version