For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Shellshock mitigation with BIG-IP iRules

Yesterday, NIST released information on a new network exploitable vulnerability in the GNU Bash shell as demonstrated by vectors involving parts of OpenSSH sshd, the mod_cgi, and mod_cgid modules in ...

Updated Jun 06, 2023

Version 2.0

Joined September 22, 2004

View Profile

Joe_Pruitt

Sep 26, 2014

@Shibu - you bring up good points. At the time I wrote the article, we couldn't determine that the exploit was limited to a "() {..." pattern so I took the route of making the search broader to make sure all bases were covered. Since then, it has been suggested that some User-Agent strings may lead to false positives. We are investigating this now. As for ASM, if you are using that product, then a custom signature is a great idea. This solution was geared for customers who are not using ASM and have iRules fronting their servers.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Shellshock mitigation with BIG-IP iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS