Signature Detail
Short Name |
SHELLCODE:MSF:DCX86-80C |
|---|---|
Severity |
Critical |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
SHELLCODE |
Keywords |
Metasploit Decoder Routine for X86 Over HTTP |
Release Date |
2013/08/07 |
Update Number |
2288 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SHELLCODE: Metasploit Decoder Routine for X86 Over HTTP
This signature detect payloads being transferred over HTTP protocol that have been encoded using Metasploit X86 encoder routine. This could be an indication that the session is an attack coming from a Metasploit attacker.
Extended Description
HP OpenView Network Node Manager is prone to a remote code-execution vulnerability because the 'webappmon.exe' CGI application fails to adequately validate user-supplied input. Successful exploits can allow an attacker to execute arbitrary code with the privileges of the user running the webserver. Failed exploit attempts will likely result in denial-of-service conditions. OpenView Network Node Manager 7.51 and 7.53 are vulnerable.
Affected Products
- HP OpenView Network Node Manager 7.51
- HP OpenView Network Node Manager 7.53
References
- BugTraq: 42154
- BugTraq: 43289
- BugTraq: 42154
- BugTraq: 33926
- CVE: CVE-2010-2709