virus logo Intrusion Prevention

HTTP.Unix.Shell.IFS.Remote.Code.Execution

description-logoDescription

This indicates detection of suspicious HTTP requests that use internal field separators.
Internal field separators, $IFS or ${IFS}, are often used in command injection to replace white space.
For many command line interpreters, shells of Unix operating systems, the internal field separator (abbreviated IFS) is a variable which defines the characters used to separate a pattern into tokens for some operations. IFS typically includes the space, tab, and newline.

affected-products-logoAffected Products

Any unprotected HTTP server is vulnerable

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Monitor the traffic from that network for any suspicious activity.

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://en.wikipedia.org/wiki/Internal_field_separator
ID 45677
Created Mar 21, 2018
Updated Apr 12, 2018
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Linux, BSD, Solaris
Affected App Other