A new policy (baseline version 201911051452) for Pulse vWAF is now available. In this baseline update, we have refined an existing rule to reduce false positives in the Remote File Inclusion handler. Change log: Modified: Refine original rule to permit "Save-Data" headers, while trapping "data:" headers You can download this baseline update direct to Pulse vWAF in the usual way via the portal, or else install this update manually if your Pulse vWAF is isolated from external network connection. ... View more

A new policy (baseline version 201809110525) for Pulse vWAF is now available. In this baseline update, we have updated and extended an existing rule for PHP remote file inclusion. This rule was originally intended to validate both headers and parameters of HTTP traffic, but in some circumstances, it might trap permitted HTTP headers. Change log: Modified: Change original rule to apply only to validate HTTP traffic Added: Create a new rule to check HTTP headers for PHP remote file inclusion attacks. This rule protects against PHP remote file inclusion and allows well-formed URLs. You can download this baseline update direct to Pulse vWAF in the usual way via the portal, or else install this update manually if your Pulse vWAF is isolated from external network connection.   ... View more

  A new policy (baseline version 201805080540) for the Virtual Web Application Firewall is now available. Change log:   Added: Java Remote Code Execution using remote classloading   This is a new rule added in this baseline update: there are a number of ways in which attackers can execute malicious code using Java commands including java.lang.ProcessBuilder or java.net.URLClassLoader, resulting in remote code execution.   You can configure your Pulse vWAF to download and update this baseline update automatically, or else there is a zip archive attached to this message which contains this policy. The archive needs to be extracted before it can be uploaded to the WAF (either via web UI or REST API).   For more information: For more information, please refer to the release notes, available on the download portal. A complete set of user documentation is also available on http://pulsesecure.net/techpubs.    ... View more

A new policy (baseline version 201709220727) for the Virtual Web Application Firewall is now available. Change log: Added: Remote command execution via java.lang.ProcessBuilder There is a zip archive attached to this message which contains this policy. The archive needs to be extracted before it can be uploaded to the WAF (either via web UI or REST API). The download in the product is available with a short delay. ... View more

A new policy (baseline version 201706081942) for the Virtual Web Application Firewall is now available. Change log: Changed: bash injection CVE-2014-6271 and CVE-2014-7169 - Reason: Refine "protection against bash injection" rule to also match if there is no whitespace. Changed: access UNIX system paths - Reason: Also match on header values Changed: execution of shell commands and script interpreters - Reason: Also match on header values Changed: drop statement - Reason: Also match on header values Changed: remote file inclusion - Reason: Also match on header values There is a zip archive attached to this message which contains this policy. The archive needs to be extracted before it can be uploaded to the WAF (either via web UI or REST API). The download in the product is available with a short delay. ... View more

A new policy (baseline version 201705040916) for the Virtual Web Application Firewall is now available. Change log: Added: PHP code injection The download in the product is available with a short delay. ... View more

A new policy (baseline version 201611100932) for the Virtual Web Application Firewall is now available. Change log: Changed: replace statement - Reason: Tag this rule as MySQL extension Changed: remote file inclusion - Reason: optimize rule Changed: XSS via CSS expression - Reason: optimize pattern The download in the product is available with a short delay. ... View more

A new policy (baseline version 201608180911) for the Virtual Web Application Firewall is now available. Change log: Changed: XSS via STYLE tag - Reason: normalize rule Changed: HTML tag with href attribute - Reason: enhance rule Changed: XSS via LINK tag - Reason: normalize rule Changed: HTML tag with rel attribute - Reason: enhance rule Changed: XSS via OBJECT tag - Reason: normalize rule Changed: Detects <A HREF Link injection tricks - Reason: normalize rule Changed: Catch IFRAME injections - Reason: normalize rule Changed: XSS via BODY tag - Reason: fix rule Changed: XSS via TABLE tag - Reason: normalize rule Changed: XSS via DIV tag - Reason: normalize rule Changed: XSS via META tag - Reason: normalize rule The download in the product is available with a short delay. ... View more

A new policy (baseline version 201607280841) for the Virtual Web Application Firewall is now available. Change log: Added: HTTP Proxy Header attack The download in the product is available with a short delay. ... View more