WAF 330701
| Rule 330701 | |
|---|---|
| Status | Active |
| Alert Message | Atomicorp.com WAF Rules: Potential CVE-2014-6271 Bash Attack |
Contents |
[edit] Description
This rules detects when a potential attack is made against a web application, such as a CGI application, to take advantage of the bash shell CVE-2014-6271 vulnerability. The vulnerability allows remote command execution against the system. If you are not sure if you have patched bash to prevent this attack, do not disable this rule.
[edit] Troubleshooting
[edit] False Positives
It is not recommended that you disable this rule if you have a false positive. If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
[edit] Tuning Guidance
Please see the Tuning the Atomicorp WAF Rules page for basic information if you wish to tune, or disable this rule.
[edit] Additional Information
[edit] Similar Rules
None.
[edit] Knowledge Base Articles
None.
