We've just released a new version (4.42) of Corsigs for users of Trustwave Web Application Firewall (WAF) version 7.0. These new rules help protect users' web applications against malicious traffic targeting the vulnerabilities listed below.
- Blind SQL Injection WordPress RSS Multi Importer 3.15
This signature covers a severe vulnerability discovered in WordPress's RSS Multi Importer Plugin that lets remote authenticated users the ability to execute arbitrary SQL commands.
- Reflected XSS WordPress RSS Multi Importer 3.15
- Java Key Store Password Disclosure
A vulnerability was found in JVM platforms that could allow an unauthenticated, remote attacker to obtain administrative privileged access to the web interface of the affected device.
- GlassFish Server Local File Inclusion
A vulnerability in Glassfish Server Open Source Edition 3.0.1 (build 22) makes it possible to include arbitrary files on the server.
How to Update
No action is required of customers that run version 7.0 of Trustwave Web Application Firewall and subscribe to the online update feature. Their deployments will receive the update automatically.
Note that even if blocking actions are defined for a protected site, simulation mode for these rules is ON by default so that site managers can inspect the impact of new rules before actually blocking relevant traffic. If you would like to activate blocking actions for this rule, you need to update the Actions for this signature in the Policy Manager.