Intrusion Prevention

HTTP.Unix.Shell.IFS.Remote.Code.Execution

Description

This indicates detection of suspicious HTTP requests that use internal field separators.
Internal field separators, $IFS or ${IFS}, are often used in command injection to replace white space.
For many command line interpreters, shells of Unix operating systems, the internal field separator (abbreviated IFS) is a variable which defines the characters used to separate a pattern into tokens for some operations. IFS typically includes the space, tab, and newline.

Affected Products

Any unprotected HTTP server is vulnerable

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Monitor the traffic from that network for any suspicious activity.