Shellshock mitigation with BIG-IP iRules

Yesterday, NIST released information on a new network exploitable vulnerability in the GNU Bash shell as demonstrated by vectors involving parts of OpenSSH sshd, the mod_cgi, and mod_cgid modules in ...
Updated Jun 06, 2023
Version 2.0
application delivery
devops
iRules
security
shellshock
Joe_Pruitt's avatar
Joe_Pruitt
Sep 29, 2014
---UPDATE--- After receiving feedback and finding more details on the vulnerability, we've restricted the search pattern to search for containing the string "() {". This should greatly reduce the minimal amount of false positives that were found by custom applications but keep in mind that if you are doing something custom, that this pattern may still match so we suggest you use the longer iRule for initial analysis and auditing. The shorter iRule can be then run if/when performance is something you are concerned about.