From ab24a20faf28156f0495b0c07f2ff37860a3defe Mon Sep 17 00:00:00 2001 From: Chaim Sanders Date: Sun, 11 Nov 2018 19:26:13 -0800 Subject: [PATCH] v3.1-rc2 changes --- CHANGES | 12 +++++++++++- rules/REQUEST-901-INITIALIZATION.conf | 2 +- rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf | 2 +- .../REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf | 2 +- rules/REQUEST-905-COMMON-EXCEPTIONS.conf | 2 +- rules/REQUEST-910-IP-REPUTATION.conf | 2 +- rules/REQUEST-911-METHOD-ENFORCEMENT.conf | 2 +- rules/REQUEST-912-DOS-PROTECTION.conf | 2 +- rules/REQUEST-913-SCANNER-DETECTION.conf | 2 +- rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf | 2 +- rules/REQUEST-921-PROTOCOL-ATTACK.conf | 2 +- rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf | 2 +- rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf | 2 +- rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf | 2 +- rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf | 2 +- rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf | 2 +- rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf | 2 +- ...UEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf | 2 +- rules/REQUEST-949-BLOCKING-EVALUATION.conf | 2 +- rules/RESPONSE-950-DATA-LEAKAGES.conf | 2 +- rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf | 2 +- rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf | 2 +- rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf | 2 +- rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf | 2 +- rules/RESPONSE-959-BLOCKING-EVALUATION.conf | 2 +- rules/RESPONSE-980-CORRELATION.conf | 2 +- 26 files changed, 36 insertions(+), 26 deletions(-) diff --git a/CHANGES b/CHANGES index df9b46466..2d6f0e80b 100644 --- a/CHANGES +++ b/CHANGES @@ -6,10 +6,20 @@ * https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set == Version 3.1.0 - 8/7/2018 == - + * Add Detectify scanner (theMiddle) + * Renaming matched_var/s (Victor Hora) + * Remove lines with bare '#' comment char (Walter Hop) + * Drop the XML variable from rule 932190 (Federico G. Schwindt) + * Update outdated URLs (Walter Hop) + * remove unused rule 901180 (Walter Hop) + * Drop exit from unix and windows RCE (Federico G. Schwindt) + * Fix anomaly_score counters (Federico G. Schwindt) + * Remove mostly redundant 944220 in favor of 944240 (Christian Folini) * Add self[ and document[ to rule 941180 (theMiddle) * Provide proxy support within CRS docker image (Scott O'Neil) * Prevent bypass in rule 930120 PL3 (theMiddle) + * Fix small typo in variable (Felipe Zipitría) + * Fix bug #1166 in Docker image (Franziska Bühler) * Remove revision status from rules (Federico G. Schwindt) * Add template for issues (Federico G. Schwindt) * Correct failing travis tests in merge situations (Federico G. Schwindt) diff --git a/rules/REQUEST-901-INITIALIZATION.conf b/rules/REQUEST-901-INITIALIZATION.conf index 2fa3841c5..94629abe7 100644 --- a/rules/REQUEST-901-INITIALIZATION.conf +++ b/rules/REQUEST-901-INITIALIZATION.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf b/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf index f44c90ee2..f478ed7d4 100644 --- a/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf +++ b/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf b/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf index 2f42b7e85..5e3934af6 100644 --- a/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf +++ b/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-905-COMMON-EXCEPTIONS.conf b/rules/REQUEST-905-COMMON-EXCEPTIONS.conf index f5def5e38..04ab90101 100644 --- a/rules/REQUEST-905-COMMON-EXCEPTIONS.conf +++ b/rules/REQUEST-905-COMMON-EXCEPTIONS.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-910-IP-REPUTATION.conf b/rules/REQUEST-910-IP-REPUTATION.conf index 044d0ca93..917b7ae23 100644 --- a/rules/REQUEST-910-IP-REPUTATION.conf +++ b/rules/REQUEST-910-IP-REPUTATION.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-911-METHOD-ENFORCEMENT.conf b/rules/REQUEST-911-METHOD-ENFORCEMENT.conf index 8d7570d3c..d90f50af4 100644 --- a/rules/REQUEST-911-METHOD-ENFORCEMENT.conf +++ b/rules/REQUEST-911-METHOD-ENFORCEMENT.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-912-DOS-PROTECTION.conf b/rules/REQUEST-912-DOS-PROTECTION.conf index b4b35bfd3..cdbbfe4a4 100644 --- a/rules/REQUEST-912-DOS-PROTECTION.conf +++ b/rules/REQUEST-912-DOS-PROTECTION.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-913-SCANNER-DETECTION.conf b/rules/REQUEST-913-SCANNER-DETECTION.conf index 5930916da..a33761a56 100644 --- a/rules/REQUEST-913-SCANNER-DETECTION.conf +++ b/rules/REQUEST-913-SCANNER-DETECTION.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf b/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf index 3f4f65491..ce56d2b97 100644 --- a/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf +++ b/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-921-PROTOCOL-ATTACK.conf b/rules/REQUEST-921-PROTOCOL-ATTACK.conf index 7c1eed9de..015f06b9a 100644 --- a/rules/REQUEST-921-PROTOCOL-ATTACK.conf +++ b/rules/REQUEST-921-PROTOCOL-ATTACK.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf b/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf index 41b5d6797..c5a4dade5 100644 --- a/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf +++ b/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf b/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf index 44c62190e..1137394b2 100644 --- a/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf +++ b/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf b/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf index bf337fc58..7f4375db0 100644 --- a/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf +++ b/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf b/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf index 11fcef585..14648acd0 100644 --- a/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf +++ b/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf b/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf index 4fb33f072..2976f019a 100644 --- a/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf +++ b/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf b/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf index 4e8be129d..3c154e225 100644 --- a/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf +++ b/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf b/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf index 5cdf9da4f..31b870c5b 100644 --- a/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf +++ b/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/REQUEST-949-BLOCKING-EVALUATION.conf b/rules/REQUEST-949-BLOCKING-EVALUATION.conf index 3d1134684..24fc1f57b 100644 --- a/rules/REQUEST-949-BLOCKING-EVALUATION.conf +++ b/rules/REQUEST-949-BLOCKING-EVALUATION.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/RESPONSE-950-DATA-LEAKAGES.conf b/rules/RESPONSE-950-DATA-LEAKAGES.conf index 2a528fa50..369cc20b1 100644 --- a/rules/RESPONSE-950-DATA-LEAKAGES.conf +++ b/rules/RESPONSE-950-DATA-LEAKAGES.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf b/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf index 30017064f..ff5b043a2 100644 --- a/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf +++ b/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf b/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf index bbadf5fb1..9499ba86c 100644 --- a/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf +++ b/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf b/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf index 7d22bc784..f97932cbb 100644 --- a/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf +++ b/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf b/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf index 8af33c23c..9539b6bbf 100644 --- a/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf +++ b/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/RESPONSE-959-BLOCKING-EVALUATION.conf b/rules/RESPONSE-959-BLOCKING-EVALUATION.conf index 3d9ed1970..7243931e1 100644 --- a/rules/RESPONSE-959-BLOCKING-EVALUATION.conf +++ b/rules/RESPONSE-959-BLOCKING-EVALUATION.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 diff --git a/rules/RESPONSE-980-CORRELATION.conf b/rules/RESPONSE-980-CORRELATION.conf index 41c503699..44bee64d2 100644 --- a/rules/RESPONSE-980-CORRELATION.conf +++ b/rules/RESPONSE-980-CORRELATION.conf @@ -1,6 +1,6 @@ # ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.1.0 -# Copyright (c) 2006-2017 Trustwave and contributors. All rights reserved. +# Copyright (c) 2006-2018 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2