首页-> 服务与支持-> 客户支持-> 售后服务

服务与支持

网络入侵防护系统(IPS)引擎5.6.7 升级包列表

名称: eoi.agentpatch.5.6.7.112.bin 版本:5.6.7.112
MD5:c8b945fc686186d682cc17fb624a9d6f 大小:38.84M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.112。

本升级包新增/改进功能:
完善系统功能

注意事项:
1、本升级包升级过程不会影响设备当前配置。
2、本升级包升级完成后会自动重启引擎,请选择合适的时间进行设备升级。
3、如果是从低于5.6.7.107的版本进行升级或升级5.6.7.107后未手动重启设备,需要手动重启。
4、本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and the engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.112.

New or Improved Functions in This Upgrade Package:
Improving the function of the system

Notes:
1.When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2.When the upgrade is completed, the engine automatically restarts. Please perform the upgrade at a appropriate time.
3.If version is less than 5.6.7.107 and not restarted when upgrated to 5.6.7.107,manual restart is needed.
4.After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2018-05-25 09:24:28
名称: eoi.agentpatch.5.6.7.111.bin 版本:5.6.7.111
MD5:7f89d79f9bd6918648aac4a1adebfc8e 大小:38.84M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.111。

本升级包新增/改进功能:
1.安全性问题修复
2.稳定性问题修复

注意事项:
1、本升级包升级过程不会影响设备当前配置。
2、本升级包升级完成后会自动重启引擎,会导致通过设备的会话中断,请选择合适的时间进行设备升级。
3、如果是从低于5.6.7.107的版本进行升级或升级5.6.7.107后未手动重启设备,需要手动重启。
4、本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and the engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.111.

New or Improved Functions in This Upgrade Package:
1.Security bug fixes
2.Stability bug fixes

Notes:
1.When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2.When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3.If version is less than 5.6.7.107 and not restarted when upgrated to 5.6.7.107,manual restart is needed.
4.After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2016-11-03 18:14:10
名称: eoi.agentpatch.5.6.7.110.bin 版本:5.6.7.110
MD5:cf84b359681027379d52d7e5ca2f5738 大小:38.84M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.110。

本升级包新增/改进功能:
Openssl版本升级到1.0.1u,修复以下漏洞:
1.CVE-2016-6304
2.CVE-2016-6305
3.CVE-2016-2183
4.CVE-2016-6303
5.CVE-2016-6302
6.CVE-2016-2182
7.CVE-2016-2180
8.CVE-2016-2177
9.CVE-2016-2178
10.CVE-2016-2179
11.CVE-2016-2181
12.CVE-2016-6306
13.CVE-2016-6307
14.CVE-2016-6308

注意事项:
1、本升级包升级过程不会影响设备当前配置。
2、本升级包升级完成后会自动重启引擎,会导致通过设备的会话中断,请选择合适的时间进行设备升级。
3、如果是从低于5.6.7.107的版本进行升级或升级5.6.7.107后未手动重启设备,需要手动重启。
4、本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and the engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.110.

New or Improved Functions in This Upgrade Package:
Openssl upgrades to 1.0.1u and several security fixes:
1.CVE-2016-6304
2.CVE-2016-6305
3.CVE-2016-2183
4.CVE-2016-6303
5.CVE-2016-6302
6.CVE-2016-2182
7.CVE-2016-2180
8.CVE-2016-2177
9.CVE-2016-2178
10.CVE-2016-2179
11.CVE-2016-2181
12.CVE-2016-6306
13.CVE-2016-6307
14.CVE-2016-6308

Notes:
1.When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2.When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3.If version is less than 5.6.7.107 and not restarted when upgrated to 5.6.7.107,manual restart is needed.
4.After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2016-09-23 18:12:21
名称: eoi.agentpatch.5.6.7.109.bin 版本:5.6.7.109
MD5:126ecb7102cb7684e56f6e6370ee4e77 大小:38.82M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.109。

本升级包新增/改进功能:
Openssl版本升级到1.0.1t,修复以下漏洞:
1、Memory corruption in the ASN.1 encoder (CVE-2016-2108)
2、Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
3、EVP_EncodeUpdate overflow (CVE-2016-2105)
4、EVP_EncryptUpdate overflow (CVE-2016-2106)
5、ASN.1 BIO excessive memory allocation (CVE-2016-2109)
6、EBCDIC overread (CVE-2016-2176)

注意事项:
1、本升级包升级过程不会影响设备当前配置。
2、本升级包升级完成后会自动重启引擎,会导致通过设备的会话中断,请选择合适的时间进行设备升级。
3、如果是从低于5.6.7.107的版本进行升级或升级5.6.7.107后未手动重启设备,需要手动重启。
4、本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and the engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.109.

New or Improved Functions in This Upgrade Package:
Openssl upgrades to 1.0.1t and several security fixes:
1.Memory corruption in the ASN.1 encoder (CVE-2016-2108)
2.Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
3.EVP_EncodeUpdate overflow (CVE-2016-2105)
4.EVP_EncryptUpdate overflow (CVE-2016-2106)
5.ASN.1 BIO excessive memory allocation (CVE-2016-2109)
6.EBCDIC overread (CVE-2016-2176)

Notes:
1.When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2.When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3.If version is less than 5.6.7.107 and not restarted when upgrated to 5.6.7.107,manual restart is needed.
4.After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2016-05-05 19:22:51
名称: eoi.agentpatch.5.6.7.107.bin 版本:5.6.7.107
MD5:e760148e65cd8ce7c420d229aed2cb10 大小:38.83M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.107。

本升级包新增/改进功能:
1、新增功能:双内核机制。
2、完善USB升级。
3、完善安全引擎。
4、WEB优化。
5、修复ssl Certificate Signed Using Weak Hashing Algorithm漏洞。
6、优化了部分规则。

注意事项:
1、本升级包升级过程不会影响设备当前配置。
2、本升级包升级完成后会自动重启引擎,会导致通过设备的会话中断,请选择合适的时间进行设备升级。
3、本升级包升级完成后,若要使双内核机制生效,需要手动重启设备。
4、本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and the engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.107.

New or Improved Functions in This Upgrade Package:
1.new function:two kernel mechanism.
2.enhancement in updating by USB.
3.enhancement in security engine.
4.improvement in Web optimization.
5.fix ssl Certificate Signed Using Weak Hashing Algorithm vulnerability.
6.improve some rules.

Notes:
1.When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2.When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3.When the upgrade is completed, and you wanted to make two kernel mechanism to take effect, please reboot the device manually.
4. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2016-01-12 13:02:16
名称: eoi.agentpatch.5.6.7.105.bin 版本:5.6.7.105
MD5:e6ff9892311230ff8c2e9b741a95e940 大小:34.06M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.105。
本升级包新增/改进功能:
1.更新了由于修复PHP multipart/form-data头部解析远程拒绝服务漏洞而产生的时区问题
2.优化了部分规则
3.优化了链路状态同步

注意事项:
1.本升级包升级过程不会影响设备当前任何配置;
2.本升级包升级完成后自动重启引擎生效,会导致通过设备的会话中断,请选择合适的时间进行设备升级;
3.本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.105.
New or Improved Functions in This Upgrade Package:
1.Fix timezone error because last packet fixed PHP multipart/form-data
2.Improve some rules
3.Improve the function of sync link-status

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2015-06-17 11:03:07
名称: eoi.agentpatch.5.6.7.104.bin 版本:5.6.7.104
MD5:d02fa7d8eeaee8d95d3afd434cbeaf15 大小:8.79M
描述:

本升级包为紧急升级包,支持在固件版本为5.6.7.56及以后,引擎版本在5.6.7.103标准版本(非定制版本)基础上进行升级。本升级包为增量升级包,升级后固件版本不变,引擎版本变更为5.6.7.104。
本升级包新增/改进功能:
1.修复PHP multipart/form-data头部解析远程拒绝服务漏洞。

注意事项:
1.本升级包升级过程不会影响设备当前配置;

This is an emergency upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and engine version of 5.6.7.103. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.104.

New or Improved Functions in This Upgrade Package:
1. fix PHP multipart/form - data parsing head remote denial of service vulnerability

Notes:
1.When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.

发布时间:2015-05-22 16:33:10
名称: eoi.agentpatch.5.6.7.103.bin 版本:5.6.7.103
MD5:f59b8a3b4618edc00688b60dfdb124c9 大小:24.67M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.103。
本升级包新增/改进功能:
1.增强外置bypass功能;
2.完善引擎的稳定性。

注意事项:
1.本升级包升级过程不会影响设备当前配置;
2.本升级包升级完成后会自动重启引擎,会导致通过设备的会话中断,请选择合适的时间进行设备升级。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.103.

New or Improved Functions in This Upgrade Package:
1. Enhance extern bypass function;
2. Improve engine stability.

Notes:
1.When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2.When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.

发布时间:2015-04-08 11:33:35
名称: eoi.agentpatch.5.6.7.101.bin 版本:5.6.7.101
MD5:2c9ddf94648ac4eb20b36eae5f8d2d20 大小:24.67M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.101。
本升级包新增/改进功能:
1.更新对接口收发包,接口连接状态异常检测功能;
2.新增外置bypass自动回切功能。此功能生效需在界面配置外置bypass接口对,详见相关文档。

注意事项:
1.本升级包升级过程不会影响设备当前配置;
2.本升级包升级完成后会自动重启引擎,会导致通过设备的会话中断,请选择合适的时间进行设备升级。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.101.

New or Improved Functions in This Upgrade Package:
1. Implement interface packets sending/receving detection and external bypass switch feature.
2.Add extern bypass switch back to normal automatically.

Notes:
1.When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2.When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.

发布时间:2015-02-12 18:48:04
名称: eoi.agentpatch.5.6.7.98.bin 版本:5.6.7.98
MD5:8fa9a864ff7c082a9a61fcd0007538db 大小:24.66M
描述:

5.6.7.98引擎升级包

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.98。

本升级包新增/改进功能:
1.新增接口收发包检测和切换外置bypass功能:引擎升级成功后,如想此功能生效,需要手动配置与外置bypass交换机联动的接口对,并点击“应用”按钮生效,详见相关文档说明。
2.新增syslog安全日志开关
3.完善暴力猜测功能
4.修复如下Openssl漏洞:
- Openssl dtls1_get_record函数拒绝服务(CVE-2014-3571)
- Openssl DTLS内存泄漏漏洞(CVE-2015-0206)
- No-SSL3配置集方法空指针(CVE-2014-3569)
- ECDHE客户端协商降级ECDH (CVE-2014-3572)
- RSA客户端协商降级EXPORT_RSA(CVE-2015-0204)
- 服务器验证客户DH信息不全(CVE-2015-0205)
- 证书指纹可以被修改(CVE-2014-8275)
- BIGNUM平方可能会产生不正确的结果(CVE-2014-3570)

注意事项:
1.本升级包升级过程不会影响设备当前配置;
2.本升级包升级完成后会自动重启引擎,会导致通过设备的会话中断,请选择合适的时间进行设备升级;
3.本升级包升级完成后Apache进程会自动重启,需要手动刷新网页。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.98.

New or Improved Functions in This Upgrade Package:
1. Implement interface packets sending/receving detection and external bypass switch feature : To make this feature work after engine update, the user should configure the interface pair link to external bypass switch manually, then click the "Apply" button to take effect. Please refer to the documents for more information.
2. Implement security syslog switch
3. Improve the brute guess feature
4. Fixed following Openssl vulnerabilities:
- CVE-2014-3571:DTLS segmentation fault in dtls1_get_record
- CVE-2015-0206:DTLS memory leak in dtls1_buffer_record
- CVE-2014-3569:no-ssl3 configuration sets method to NULL
- CVE-2014-3572:ECDHE silently downgrades to ECDH [Client]
- CVE-2015-0204:RSA silently downgrades to EXPORT_RSA [Client]
- CVE-2015-0205:DH client certificates accepted without verification [Server]
- CVE-2014-8275:Certificate fingerprints can be modified
- CVE-2014-3570:Bignum squaring may produce incorrect results

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the webpage as Apache would restart automatically.

发布时间:2015-02-04 14:17:19
名称: eoi.agentpatch.5.6.7.93.bin 版本:5.6.7.93
MD5:e69dfbaa50f33a09f7d536eb3dd04d14 大小:24.57M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.93。

本升级包新增/改进功能:
1.完善数通引擎在个别情况下不稳定问题
2.完善synflood、udpflood相关功能
3.完善对IE浏览器兼容性的支持
4.更新应用规则[50152]SOCKS代理访问操作

注意事项:
1.本升级包升级过程不会影响设备当前配置;
2.本升级包升级完成后会自动重启引擎,会导致通过设备的会话中断,请选择合适的时间进行设备升级;
3.本升级包升级完成后需要手动重启系统生效。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.93.

New or Improved Functions in This Upgrade Package:
1.Improve Datacom engine instability in individual cases;
2.Improve synflood, udpflood related functions
3.Improve the support for IE browser compatibility
4.Update application rules [50152] SOCKS proxy access operations

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually reboot the system to take effect.

发布时间:2014-10-27 17:24:36
名称: eoi.agentpatch.5.6.7.91.bin 版本:5.6.7.91
MD5:0f69983847b3bf2b4661a987065b2a26 大小:20.90M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.91。

本升级包新增/改进功能:
1.修复bash环境变量远程命令执行漏洞(CVE-2014-7169)
2.修复bash环境变量远程命令执行漏洞(CVE-2014-6271)
3.修复SSL 3.0 POODLE攻击信息泄露漏洞(CVE-2014-3566)

注意事项:
1.本升级包升级过程不会影响设备当前任何配置;
2.本升级包升级完成后自动重启引擎生效,会导致通过设备的会话中断,请选择合适的时间进行设备升级;
3.本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and
later and engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.91.

New or Improved Functions in This Upgrade Package:
1.Fix of "remote code execution through bash(CVE-2014-6271)"
2.Fix of "remote code execution through bash(CVE-2014-7169)"
3.Fix of "POODLE attacks on SSLv3(CVE-2014-3566 )"

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2014-10-18 14:32:25
名称: eoi.agentpatch.5.6.7.85.bin 版本:5.6.7.85
MD5:f7047187f7fdcabf36bd023f2fec77a2 大小:19.88M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.85。

该升级包新增/改进的功能有:
1.更新规则[20384]windows SMB暴力猜测用户口令;
2.更新规则[29001]web服务远程SQL注入攻击可疑行为;
3.更新规则[50048]IMAP服务用户弱口令认证;
4.更新规则[20207]Microsoft SQL Server xp_cmdshell存储过程执行命令攻击;
5.更新数通引擎。

注意事项:
1.本升级包升级过程不会影响设备当前任何配置;
2.本升级包升级完成后自动重启引擎生效,会导致通过设备的会话中断,请选择合适的时间进行设备升级;
3.本升级包升级完成后需要手动刷新WEB页面。



This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and
later and engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.85.

New or Improved Functions in This Upgrade Package:
1.Update rule[20384]Windows SMB User Password Brute Force;
2.Update rule[29001]Web Service Remote SQL Injection Suspicious Behavior;
3.Update rule[50048]IMAP Service Weak User Password Authentication;
4.Update rule[20207]Microsoft SQL Server xp_cmdshell Stored Procedure Command Execution;
5.Update the datacom engine.

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2014-07-01 13:15:51
名称: eoi.agentpatch.5.6.7.84.bin 版本:5.6.7.84
MD5:ad0d238b633e183dc7f2fd784eb1ae20 大小:19.84M
描述:

本升级包为引擎升级包,支持在固件版本为5.6.7.56及以后,引擎版本为5.6.7.56及其以后的所有标准版本(非定制版本)基础上进行升级。本升级包为全量升级包,升级后固件版本不变,引擎版本变更为5.6.7.84。

本升级包新增/改进功能:
--修复OpenSSL SSL/TLS MITM 漏洞 (CVE-2014-0224)
--修复OpenSSL dtls1_get_message_fragment函数拒绝服务漏洞 (CVE-2014-0221)
--修复OpenSSL DTLS无效片段漏洞 (CVE-2014-0195)
--修复OpenSSL 'so_ssl3_write()'函数空指针间接引用拒绝服务漏洞(CVE-2014-0198)
--修复SSL_MODE_RELEASE_BUFFERS会话注入或拒绝服务漏洞(CVE-2010-5298)
--修复OpenSSL匿名ECDH拒绝服务漏洞 (CVE-2014-3470)

注意事项:
1.本升级包升级过程不会影响设备当前任何配置;
2.本升级包升级完成后自动重启引擎生效,会导致通过设备的会话中断,请选择合适的时间进行设备升级;
3.本升级包升级完成后需要手动刷新WEB页面。

This is an engine upgrade package, which can be used to perform upgrade based on standard (non-customized) devices with the firmware version of 5.6.7.56 and later and engine version of 5.6.7.56 and later. This upgrade package covers previously released patches. After upgrade, the firmware version remains unchanged, but the engine version is updated to 5.6.7.84.

New or Improved Functions in This Upgrade Package:
--Fix of "OpenSSL SSL/TLS MITM Vulnerability (CVE-2014-0224)"
--Fix of "OpenSSL dtls1_get_message_fragment Function Denial-of-Service Vulnerability (CVE-2014-0221)"
--Fix of "OpenSSL DTLS Invalid Fragment Vulnerability (CVE-2014-0224)"
--Fix of "OpenSSL 'so_ssl3_write()' Function NULL Pointer Indirect Dereference Denial-of-Service Vulnerability (CVE-2014-0198)"
--Fix of "SSL_MODE_RELEASE_BUFFERS Session Injection or Denial-of-Service Vulnerability (CVE-2010-5298)"
--Fix of "OpenSSL Anonymous ECDH Denial-of-Service Vulnerability (CVE-2014-3470)"

Notes:
1. When this upgrade package is applied to a device, the upgrade process does not affect any configurations existing on the device.
2. When the upgrade is completed, the engine automatically restarts, which will interrupt sessions going through the device. Please perform the upgrade at a appropriate time.
3. After the upgrade is completed, you need to manually refresh the web page of the web-based manager.

发布时间:2014-06-12 14:54:01
名称: eoi.agentpatch.5.6.7.79.bin 版本:5.6.7.79
MD5:f5c975aa905d358e4d48a2525f2bd63d 大小:18.79M
描述:

固件依赖:5.6.7.56或以上
完善数通引擎;
完善首页时区显示。


Firmware dependence:5.6.7.56 or above
Enhancement in datacom engine;
Improvement of time zone display on the Home Page.

发布时间:2014-04-16 16:46:06
名称: eoi.agentpatch.5.6.7.78.bin 版本:5.6.7.78
MD5:6e30f5f5a516581791f363aceeb5ed0b 大小:18.78M
描述:

固件依赖:5.6.7.56或以上

增强应用识别功能;
增强URL过滤功能;
增强WEB信誉功能;
增强日志功能;
增强自动升级功能;
增强TDS协议解码;
WEB优化。



Firmware dependence:5.6.7.56 or above
Enhancement in application identification;
Refinement in URL filtering;
Promotion in Web reputation;
Enrichment in the log system;
Improving the ability of updating automatically;
Improvement of TDS protocol decoding;
Improvement in Web optimization.

发布时间:2013-12-10 17:27:50
名称: eoi.agentpatch.5.6.7.74.bin 版本:5.6.7.74
MD5:436dccf4c71847f51151c781c3b5fb07 大小:19.70M
描述:

固件依赖:5.6.7.56或以上
完善ip协议解码
完善udp协议解码
完善Bypass功能(需要掉电重启生效)。



Firmware dependence:5.6.7.56 or above
Improvement of IP protocol decoding
Improvement of UDP protocol decoding
Improve the performance of Bypass(taking effect by power-outage restart)

发布时间:2013-07-08 13:18:32
名称: eoi.agentpatch.5.6.7.67.bin 版本:5.6.7.67
MD5:dd4b7c298920c3e656b07e3b8cb727d1 大小:24.03M
描述:

固件依赖:5.6.7.56
新增规则[22501]Webmin /file/show.cgi远程命令执行漏洞;
新增规则[22592]Apache Tomcat FORM身份验证安全绕过漏洞;
新增规则[22599]OracleMySQL/MariaDB acl_get()和check_grant_db_routine()函数缓冲区溢出漏洞;
完善在线升级功能;
完善ddos日志传输功能;
完善FTP告警功能;
完善Bypass功能(更换证书后需要掉电重启, bypass才能生效)。

Firmware dependence:5.6.7.56
Add rule[22501]The Webmin /file/show.cgi Remote Command Execution Vulnerability;
Add rule[22501]Apache Tomcat FORM Security Bypass;
Add rule[22599]OracleMySQL/MariaDB acl_get() and check_grant_db_routine() function buffer overflow vulnerability;
Improve the online upgrade function;
Improve the DDOS log transmission function;
Improve the FTP alarm function;
Improve the performance of Bypass(Cut off the power and reboot if the certificate is replaced).

发布时间:2013-04-18 17:07:27
名称: eoi.agentpatch.5.6.7.62.bin 版本:5.6.7.62
MD5:ecd4c56710a78a3de8d2f7b1c1317459 大小:18.50M
描述:

新增 [22525] Microsoft MPEG Layer-3 Audio Stack Based溢出漏洞
新增 [22526] NetSupport Manager Agent远程缓冲区溢出漏洞
新增 [30582] H3C及Huawei SNMP访问控制信息泄露漏洞
新增 [30581] Apache HTTP Expect头选项跨站脚本执行漏洞
新增 [22586] CA ARCserve Backup RPC Services RPC 服务崩溃漏洞
新增 [22587] CA ARCserve Backup RPC Services RPC请求任意代码执行漏洞
更新 [29001] WEB服务远程SQL注入攻击可疑行为
更新 [21125] Microsoft Word RTF文件解析栈溢出漏洞
更新 [20651] Microsoft Windows Server服务远程缓冲区溢出攻击
更新 [20903] 雅虎通Webcam Upload ActiveX控件远程栈溢出攻击
更新 [50212] FLV视频文件在线流媒体播放
更新 [20608] Barracuda img.pl远程命令执行攻击
更新 [20593] MySQL MaxDB HTTP GET请求远程缓冲区溢出攻击
更新 [20596] ISS RealSecure/BlackICE协议分析模块ICQ应答处理缓冲区攻击
更新 [21620] Microsoft Word畸形对象指针内存破坏漏洞(MS06-027)
更新 [20925] Asterisk SIP T.38 SDP解析远程栈溢出攻击
更新 [20913] Apple QuickTime RTSP响应头远程栈溢出攻击
更新 [20564] Veritas NetBackup卷管理器守护程序溢出攻击
更新 [20624] Novell ZENworks Desktop/Server管理远程缓冲区溢出攻击
更新 [20553] Microsoft Windows MSDTC写任意内存地址攻击
更新 [20552] MailEnable IMAPD W3C Logging缓冲区溢出漏洞
更新 [20316] FTP服务器长路径名缓冲区溢出攻击
更新 [40800] WinZip FileView ActiveX控件远程栈溢出攻击
更新 [20636] Veritas Backup Exec Remote Agent for Windows CONNECT_CLIENT_AUTH远程缓冲区溢出攻击
更新 [50175] 股票行情分析操作软件龙卷风用户登录
更新 [20948] McAfee E-Business Server预认证远程代码执行攻击
更新 [20941] IBM Lotus Domino Web Access上传模块ActiveX控件栈溢出攻击
更新 [20546] XML-RPC for PHP远程代码注入漏洞
更新 [30234] Traceroute ICMP/IPOPT探测网络拓扑操作
更新 [20801] CA Brightstor Backup Mediasvr.exe远程指令执行攻击
更新 [20974] Microsoft IE对象处理内存破坏攻击
更新 [30040] 端口扫描器Nmap PING操作
更新 [10108] Microsoft Windows 2000 RPC DCOM接口拒绝服务攻击
更新 [20680] Ipswitch IMail SMTP Server畸形参数缓冲区溢出攻击
更新 [30448] Cisco IOS ILMI SNMP共同体串访问
更新 [50104] 网络游戏大话西游客户端连接服务器
更新 [40297] 通过Web服务利用"../"串遍历目录攻击
更新 [20538] RSA SecurID Web Agent for IIS ISAPI远程缓冲区溢出攻击
更新 [22519] Quick FTP Pro 2.1 Transfer-Mode溢出漏洞
更新 [50454] ptunnel连接
增强IPv6支持
增强低端平台的日志传输性能

Add [22525] Microsoft MPEG Layer-3 Audio Stack Based Overflow Vulnerability
Add [22526] NetSupport Manager Agent Remote Buffer Overflow Vulnerability
Add [22586] CA ARCserve Backup RPC Services RPC service crash vulnerability
Add [30582] HP/H3C and Huawei SNMP Weak Access to Critical Data
Add [30581] Apache httpd Expect header Cross-Site Scripting Vulnerabilitie
Add [22586] CA ARCserve Backup RPC Services RPC service crash vulnerability
Add [22587] CA ARCserve Backup RPC Services RPC arbitrary code execution vulnerability
Update [29001] WEB Service Remote SQL Injection Suspicious Behavior
Update [21125] Microsoft Word RTF File Parsing Stack Buffer Overflow Vulnerability
Update [20651] Microsoft Windows Server Service Remote Buffer Overflow
Update [20903] Yahoo! Messenger Webcam Upload ActiveX Control Remote Stack Overflow
Update [50212] FLV Video File Online Streaming Media Playing
Update [20608] Barracuda img.pl Remote Code Execution
Update [20593] MySQL MaxDB HTTP GET Request Remote Buffer Overflow
Update [20596] ISS RealSecure/BlackICE Protocol Analysis Module ICQ Response Handling Buffer Overflow
Update [21620] Microsoft Word malformed object pointer memory corruption vulnerability(MS06-027)
Update [20925] Asterisk SIP T.38 SDP Remote Stack Overflow Attack
Update [20913] Apple QuickTime RTSP Response Header Remote Stack Overflow
Update [20564] Veritas NetBackup Volume Manager Daemon Buffer Overflow
Update [20624] Novell ZENworks Desktop/Server Management Remote Buffer Overflow
Update [20553] Microsoft Windows MSDTC Arbitrary Memory Address Overwriting
Update [20552] MailEnable IMAPD W3C Logging Buffer Overflow Vulnerability
Update [20316] FTP Server Long Path Name Buffer Overflow
Update [40800] WinZip FileView ActiveX Control Remote Stack Overflow
Update [20636] Veritas Backup Exec Remote Agent for Windows CONNECT_CLIENT_AUTH Remote Buffer Overflow
Update [50175] Stock Market Analysis Software Tornado User Login
Update [20948] McAfee E-Business Server Pre-authentication Remote Code Execution
Update [20941] IBM Lotus Domino Web Access ActiveX Control Stack Overflow Attack
Update [20546] XML-RPC for PHP Remote Code Injection Vulnerability
Update [30234] Traceroute ICMP/IPOPT Network Topology Detection
Update [20801] CA Brightstor Backup Mediasvr.exe Remote Code Execution
Update [20974] Microsoft Internet Explorer XML Handling Remote Code Execution Attack
Update [30040] Port Scanner Nmap PING Operation
Update [10108] Microsoft Windows 2000 RPC DCOM Interface Denial of Service
Update [20680] Ipswitch IMail SMTP Server Malformed Parameter Buffer Overflow
Update [30448] Cisco IOS ILMI SNMP Community String
Update [50104] Connection from Client to Server of Online Game "Dahuaxiyou"
Update [40297] "../" String Directory Traversal via Web Service
Update [20538] RSA SecurID Web Agent for IIS ISAPI Remote Buffer Overflow
Update [22519] Quick FTP Pro 2.1 Transfer-Mode Overflow Vulnerability
Update [50454] ptunnel Connect
Improve IPv6 support
Improve the performance of log transmission in N300 platform

发布时间:2012-12-20 17:42:44
名称: eoi.agentpatch.5.6.7.39.bin 版本:5.6.7.39
MD5:ca25999dbb84d0f10610aa6dc3396117 大小:23.95M
描述:

修复特定情况下稳定性问题
修复设备系统指示灯显示问题
修复恶意站点库自动升级异常问题
修复规则升级包自动升级异常问题
界面显示加入新的诊断信息

Fix stability problems in certain circumstances
Fix the display problem of device status indicator
Fix the problems of malicious site library automatically upgrades
Fix the problems of rules automatically upgrades
Add a new diagnostic information

发布时间:2012-08-30 17:34:03