Versions (4)
Version DetailsCurrent
Rev: 5 • Dec 10, 2014, 12:00 PMET EXPLOIT QNAP Shellshock CVE-2014-6271
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT QNAP Shellshock CVE-2014-6271"; flow:established,to_server; http.uri; content:"authLogin.cgi"; http.header; content:"|28 29 20 7b|"; fast_pattern; reference:url,www.fireeye.com/blog/threat-research/2014/10/the-shellshock-aftershock-for-nas-administrators.html; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; reference:cve,2014-6271; classtype:attempted-admin; sid:2019904; rev:5; metadata:created_at 2014_12_10, cve CVE_2014_6271, signature_severity Major, tag CISA_KEV, updated_at 2020_10_13;)
Dec 10, 2014, 12:00 PM
Oct 13, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-exploit.rules