WAF 330701

From Atomicorp Wiki
Jump to: navigation, search
Rule 330701
Status Active
Alert Message Atomicorp.com WAF Rules: Potential CVE-2014-6271 Bash Attack


[edit] Description

This rules detects when a potential attack is made against a web application, such as a CGI application, to take advantage of the bash shell CVE-2014-6271 vulnerability. The vulnerability allows remote command execution against the system. If you are not sure if you have patched bash to prevent this attack, do not disable this rule.

[edit] Troubleshooting

[edit] False Positives

It is not recommended that you disable this rule if you have a false positive. If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

[edit] Tuning Guidance

Please see the Tuning the Atomicorp WAF Rules page for basic information if you wish to tune, or disable this rule.

[edit] Additional Information

[edit] Similar Rules


[edit] Knowledge Base Articles


[edit] Outside References


[edit] Notes

Personal tools