<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: #000000"><div>Ran into an issue yesterday that is interesting.</div><div><br data-mce-bogus="1"></div><div>I use a Zimbra provided. Yesterday I lost connection to the the provider from home. I could ping from other networks. To solve, I added a host based route from my desktop to the other networks using VPN. Worked for a while then stopped. I assumed a routing problem at their colo, but they told me I was triggering CVE-2014-6271 in their IPS firewall. How is that even possible? </div><div><br data-mce-bogus="1"></div><div>My provider told me their IPS was triggering on '() {'. Wow.</div><div><br data-mce-bogus="1"></div><div>1. I had forgotten to use https instead of http when using the Zimbra mail web interface.</div><div>2. Last night and today I was discussing some Java Script code for Service Now with a customer.</div><div>3. This problem occurred when my email was saved in 'Drafts' as I was typing.</div><div>4. Since this was JS there was '() {' syntax!</div><div><br data-mce-bogus="1"></div><div>Wow.</div><div><br data-mce-bogus="1"></div><div>They removed the block, I switched to https, and the problem is gone.</div><div><br data-mce-bogus="1"></div><div>This seemed like a sporadic routing issues because it would come and go. I imagine the IPC firewall would block for a while. When I routed that IP over a VPN the problem would follow the route!</div><div><br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div></div></body></html>