Trustwave Web Application Firewall Signature Update 4.39 Now Available

We've just released a new version (4.39) of Corsigs for users of Trustwave Web Application Firewall (WAF) version 7.0. These new rules help protect customer applications against malicious traffic targeting the vulnerabilities listed below.

Release Summary

  • Joomla SQL Injection (CVE-2015-7857)

    This vulnerability can be exploited on Joomla, versions 3.2 through version 3.4.4. An unfiltered input parameter of user in Joomla can cause execution of arbitrary SQL statements, supplied by the attacker.

  • Improvements to 4 rules in earlier versions of CorSigs

How to Update

No action is required of customers that run version 7.0 of Trustwave Web Application Firewall and subscribe to the online update feature. Their deployments will receive the update automatically.

Note that even if blocking actions are defined for a protected site, simulation mode for these rules is ON by default so that site managers can inspect the impact of new rules before actually blocking relevant traffic. If you would like to activate blocking actions for this rule, you need to update the Actions for this signature in the Policy Manager.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.