cancel
Showing results for 
Search instead for 
Did you mean: 

Pulse vWAF Updates

Top Contributors
Sort by:
I have created this new space to hold baseline updates for the Pulse Virtual Web Application Firewall.   If you have Pulse vWAF installed, then the software will be able to download regular baseline updates automatically. However, some customers prefer to download manually and hold a local copy of the baseline updates: so this space is used to upload occasional baseline updates for offline access.  
View full article
A new policy (baseline version 201709220727) for the Virtual Web Application Firewall is now available. Change log: Added: Remote command execution via java.lang.ProcessBuilder There is a zip archive attached to this message which contains this policy. The archive needs to be extracted before it can be uploaded to the WAF (either via web UI or REST API). The download in the product is available with a short delay.
View full article
A new policy (baseline version 201706081942) for the Virtual Web Application Firewall is now available. Change log: Changed: bash injection CVE-2014-6271 and CVE-2014-7169 - Reason: Refine "protection against bash injection" rule to also match if there is no whitespace. Changed: access UNIX system paths - Reason: Also match on header values Changed: execution of shell commands and script interpreters - Reason: Also match on header values Changed: drop statement - Reason: Also match on header values Changed: remote file inclusion - Reason: Also match on header values There is a zip archive attached to this message which contains this policy. The archive needs to be extracted before it can be uploaded to the WAF (either via web UI or REST API). The download in the product is available with a short delay.
View full article
A new policy (baseline version 201705040916) for the Virtual Web Application Firewall is now available. Change log: Added: PHP code injection The download in the product is available with a short delay.
View full article
A new policy (baseline version 201611100932) for the Virtual Web Application Firewall is now available. Change log: Changed: replace statement - Reason: Tag this rule as MySQL extension Changed: remote file inclusion - Reason: optimize rule Changed: XSS via CSS expression - Reason: optimize pattern The download in the product is available with a short delay.
View full article
A new policy (baseline version 201608180911) for the Virtual Web Application Firewall is now available. Change log: Changed: XSS via STYLE tag - Reason: normalize rule Changed: HTML tag with href attribute - Reason: enhance rule Changed: XSS via LINK tag - Reason: normalize rule Changed: HTML tag with rel attribute - Reason: enhance rule Changed: XSS via OBJECT tag - Reason: normalize rule Changed: Detects <A HREF Link injection tricks - Reason: normalize rule Changed: Catch IFRAME injections - Reason: normalize rule Changed: XSS via BODY tag - Reason: fix rule Changed: XSS via TABLE tag - Reason: normalize rule Changed: XSS via DIV tag - Reason: normalize rule Changed: XSS via META tag - Reason: normalize rule The download in the product is available with a short delay.
View full article
A new policy (baseline version 201607280841) for the Virtual Web Application Firewall is now available. Change log: Added: HTTP Proxy Header attack The download in the product is available with a short delay.
View full article