Difference between revisions of "WAF 330701"
(Created page with "{{Infobox |header1= Rule 330701 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Atomicorp.com WAF Rules: Potential CVE-2014-6271 Bash Attack }} = Descriptio...") |
Latest revision as of 17:14, 24 September 2014
| Rule 330701 | |
|---|---|
| Status | Active |
| Alert Message | Atomicorp.com WAF Rules: Potential CVE-2014-6271 Bash Attack |
Contents |
[edit] Description
This rules detects when a potential attack is made against a web application, such as a CGI application, to take advantage of the bash shell CVE-2014-6271 vulnerability. The vulnerability allows remote command execution against the system. If you are not sure if you have patched bash to prevent this attack, do not disable this rule.
[edit] Troubleshooting
[edit] False Positives
It is not recommended that you disable this rule if you have a false positive. If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
[edit] Tuning Guidance
Please see the Tuning the Atomicorp WAF Rules page for basic information if you wish to tune, or disable this rule.
[edit] Additional Information
[edit] Similar Rules
None.
[edit] Knowledge Base Articles
None.
