Signature Detail

Short Name	SHELLCODE:MSF:DCX86-CTS
Severity	Critical
Recommended	Yes
Recommended Action	Drop
Category	SHELLCODE
Keywords	Metasploit Decoder Routine for x86 (TCP-CTS1)
Release Date	2011/05/19
Update Number	1923
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SHELLCODE: Metasploit Decoder Routine for x86 (TCP-CTS1)

This signature detect the transfer of a Metasploit x86 payload decoding loop. This could be an indication that the session is an attack coming from a Metasploit attacker.

Extended Description

HP OpenView Network Node Manager is prone to a remote code-execution vulnerability because the 'webappmon.exe' CGI application fails to adequately validate user-supplied input. Successful exploits can allow an attacker to execute arbitrary code with the privileges of the user running the webserver. Failed exploit attempts will likely result in denial-of-service conditions. OpenView Network Node Manager 7.51 and 7.53 are vulnerable.

Affected Products

HP OpenView Network Node Manager 7.51
HP OpenView Network Node Manager 7.53

References

BugTraq: 33926
BugTraq: 42154
BugTraq: 43289
BugTraq: 42154
CVE: CVE-2010-2709
URL: http://www.metasploit.org/

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

SHELLCODE: Metasploit Decoder Routine for x86 (TCP-CTS1)

Extended Description

Affected Products

References