Are both if these true? Modsecurity is an Application layer firewall, and bash (any shell) is Link Layer?
Maybe an iptables ruleset? John Crout - via phone On Sep 26, 2014 5:16 PM, "Joshua Roback" <jrob...@gmail.com> wrote: > http://seclists.org/oss-sec/2014/q3/650 > > https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ > > http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html > > Has anyone come across a ModSec rule for this new CVE? > > -- > Joshua Roback > > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
