""ET EXPLOIT QNAP Shellshock script retrieval""
SID: 2019905
Revision: 2
Class Type: attempted-admin
Metadata: created_at 2014_12_10, cve CVE_2014_6271, updated_at 2019_08_15
Reference:
-
cve
-
2014-6271
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: $HTTP_PORTS
Destination Network: $HOME_NET
Destination Port: any
Flow: established,from_server
Contents:
-
Value: "|2f|share|2f|MD0_DATA|2f|optware|2f|.xpl|2f|"
-
Value: "unset HISTFIE"
Within:
PCRE:
Special Options:
- file_data