These signatures are generic signatures that will catch common commands
used to exploit form variable vulnerabilities. These signatures should
not false very often.
Please email example PCAP log dumps to snort-sigs@lists.sourceforge.net
if you find one of these signatures to be too false possitive.