The snort community rules treat all requests that include () { as a "Bash CGI environment variable injection attempt", but this rule catches apparently innocuous code uploads and sends spurious alerts. We may want to drop this rule or only apply it to certain environments.
The snort community rules treat all requests that include
() {
as a "Bash CGI environment variable injection attempt", but this rule catches apparently innocuous code uploads and sends spurious alerts. We may want to drop this rule or only apply it to certain environments.cc @dlapiduz