Volex - Possible CVE-2014-6271 bash Vuln... Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)
Here you can find all the details about the rule " Volex - Possible CVE-2014-6271 bash Vuln... Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header) ". Propose edits, view related rules, and engage with the community through comments.
[[ currentRule.title ]]
[[ currentRule.description ]]
Rule Content
v 1.0 v [[ currentRule.version ]][[ currentRule.to_string ]]{
"uuid": "9ade0e1f-8ec9-4ebd-a515-f4f0ad328cfa",
"Object": [
{
"name": "suricata",
"meta-category": "network",
"template_uuid": "3c177337-fb80-405a-a6c1-1b2ddea8684a",
"description": "An object describing one or more Suricata rule(s) along with version and contextual information.",
"template_version": "2",
"uuid": "1352f9da-61c0-4386-bf92-1595a1578c32",
"Attribute": [
{
"uuid": "fe7913b2-31ad-492b-8343-fdfcebfd4ee5",
"object_relation": "suricata",
"value": "alert http $EXTERNAL_NET any -> $HOME_NET any (msg:\"Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)\"; flow:established,to_server; content:\"() {\"; http_header; threshold:type limit, track by_src, count 1, seconds 120; sid:2014092401;)",
"type": "snort",
"disable_correlation": false,
"to_ids": true,
"category": "Network activity"
},
{
"uuid": "7599fb8e-2d74-41b4-b894-fec18d5ec1a0",
"object_relation": "suricata-rule-name",
"value": "Volex - Possible CVE-2014-6271 bash Vulnerability Requested (header)",
"type": "text",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "7fdb8a6e-a30e-419e-9833-2853837b53dc",
"object_relation": "comment",
"value": "Signatures and IoCs from public Volexity blog posts.",
"type": "comment",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "2beaf3a7-4caa-4e06-8929-577dd1e802de",
"object_relation": "version",
"value": "1.0",
"type": "text",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "113e28e2-0bc9-48cd-a740-b910a72410ef",
"object_relation": "reference",
"value": "https://github.com/volexity/threat-intel",
"type": "link",
"disable_correlation": false,
"to_ids": false,
"category": "External analysis"
}
],
"distribution": "5",
"sharing_group_id": "0"
}
]
}Similar Rules
More Rules• A higher score (closer to 1.0) indicates stronger similarity.
• Scores above 0.90 typically indicate a duplicate rule.
The similarity is calculated using the TF-IDF (Term Frequency - Inverse Document Frequency) vectorization of each rule's text, followed by computing the cosine similarity between vectors.
This method compares the textual content of the rules, giving higher weight to distinctive terms and lower weight to common terms. It is robust to small changes in wording.
Learn more on the official scikit-learn documentation: TF-IDF Vectorizer & Cosine Similarity
[[ rule.title ]]
[[ rule.description ]]
Related Bundles
[[ bundleListRule.length ]] TotalNo bundles found for this rule.
Please log in to propose an edit.
No edit proposals found for this rule.
[[ comments_list.length ]] Comments
Join the conversation
Login to replyCommunity Discussion
No comments yet
Be the first to share your thoughts on this rule!