[Emerging-Sigs] Signature for Bash Exploit?
wkitty42 at windstream.net
Fri Sep 26 14:11:47 EDT 2014
On 9/25/2014 7:56 PM, Francis Trudeau wrote:
> There was a lot of them created over the past couple days. They are
> all in OPEN so they should be widespread.
> 37 in total went out, with 30 of them being generic url-encode rules
> that are disabled by default.
are these disabled by default because they may appear in legitimate web pages or
because they may FP a lot?
NOTE: No off-list assistance is given without prior approval.
Please *keep mailing list traffic on the list* unless
private contact is specifically requested and granted.
More information about the Emerging-sigs