Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	SHELLCODE:X86:X90-NOOP-HTTP-HDR
Severity	Critical
Recommended	No
Recommended Action	Drop
Category	SHELLCODE
Keywords	x86 Intel Architecture Instruction Set NOOP Slide In HTTP Header
Release Date	2004/04/28
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

SHELLCODE: x86 Intel Architecture Instruction Set NOOP Slide In HTTP Header

This signature detects attempts to exploit a known vulnerability against Web servers on Intel x86 platforms. Attackers can use the "No-Op Slide" attack to pad the stack with "No Operation" x86 CPU instructions and overwrite the return address.

Extended Description

Large amounts of values that represent No-Ops in a data stream may represent a buffer overflow attempt.

References

URL: http://www.sans.org/resources/idfaq/polymorphic_shell.php
URL: http://www.securityfocus.com/infocus/1577

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

SHELLCODE: x86 Intel Architecture Instruction Set NOOP Slide In HTTP Header

Extended Description

References