[[message.message]]
Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)
Here you can find all the details about the rule "Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)". Propose edits, view related rules, and engage with the community through comments.
[[ currentRule.format.toUpperCase()
]]
[[ currentRule.title ]]
[[ currentRule.editor[0].toUpperCase() ]]
[[ currentRule.author[0].toUpperCase() ]]
[[ currentRule.editor ]]
[[ currentRule.author ]]
|
[[ dayjs.utc(currentRule.last_modif).fromNow() ]]
[[ currentRule.description ]]
Original UUID:
2014092401
UUID:
ce2067a8-17a1-4574-9697-9d4b07021d9d
Created:
13/10/2025
License:
NOASSERTION
Source:
Unknown
Source:
[[ currentRule.source ]]
[[ currentRule.source ]]
Editor:
admin admin
Rule Content
[[ currentRule.to_string ]]{
"id": 40653,
"format": "suricata",
"title": "Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)",
"license": "NOASSERTION",
"description": "Signatures and IoCs from public Volexity blog posts.",
"uuid": "ce2067a8-17a1-4574-9697-9d4b07021d9d",
"original_uuid": "2014092401",
"source": "https://github.com/volexity/threat-intel",
"author": "volexity",
"creation_date": "2025-10-13 15:25",
"last_modif": "2025-10-13 15:25",
"vote_up": 0,
"vote_down": 0,
"user_id": 1,
"version": "1.0",
"to_string": "alert http $EXTERNAL_NET any -> $HOME_NET any (msg:\"Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)\"; flow:established,to_server; content:\"() {\"; http_header; threshold:type limit, track by_src, count 1, seconds 120; sid:2014092401;)",
"is_favorited": false,
"cve_id": "{2014,6271}"
}{
"uuid": "9f3ac4d2-7393-4d82-b6c6-edb7c6e75970",
"Object": [
{
"name": "suricata",
"meta-category": "network",
"template_uuid": "3c177337-fb80-405a-a6c1-1b2ddea8684a",
"description": "An object describing one or more Suricata rule(s) along with version and contextual information.",
"template_version": "2",
"uuid": "75112daa-92d3-4375-a9dd-8f2218e5e413",
"Attribute": [
{
"uuid": "18c74c95-f1a8-47d4-ae3d-2f59de8ee124",
"object_relation": "suricata",
"value": "alert http $EXTERNAL_NET any -> $HOME_NET any (msg:\"Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)\"; flow:established,to_server; content:\"() {\"; http_header; threshold:type limit, track by_src, count 1, seconds 120; sid:2014092401;)",
"type": "snort",
"disable_correlation": false,
"to_ids": true,
"category": "Network activity"
},
{
"uuid": "54372062-7e07-448f-99a4-517aa912f84c",
"object_relation": "suricata-rule-name",
"value": "Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)",
"type": "text",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "6a3ee023-fa24-424f-94b5-0de34f1a78a9",
"object_relation": "comment",
"value": "Signatures and IoCs from public Volexity blog posts.",
"type": "comment",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "5d8a27a0-36a5-4b66-93e0-95f329d8a637",
"object_relation": "version",
"value": "1.0",
"type": "text",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "a73bfffe-3efe-42a4-9a9d-b7799c2e94e1",
"object_relation": "reference",
"value": "https://github.com/volexity/threat-intel",
"type": "link",
"disable_correlation": false,
"to_ids": false,
"category": "External analysis"
}
],
"distribution": "5",
"sharing_group_id": "0"
}
]
}
Loading...
Related Rules
No similar rules found.
Comments [[ comments_list.length ]]
Please log
in to
post a comment.
[[ comment.user_name ]]
[[ comment.created_at ]]
[[ comment.content ]]
No comments yet. Be the first to comment!
Please log in to propose an edit.
No edit proposals found for this rule.