SHELLCODE: Decoder Loop 1 (TCP-CTS)
This signature detects a known malicious shellcode decoder. Decoders are used to hide malicious shellcode from detection.
Extended Description
The Bopup Communication Server is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of the affected server. Successful attacks will compromise the server and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions. Bopup Communication Server 3.2.26.5460 is vulnerable; other versions may also be affected.
Affected Products
B_labs bopup_communication_server
Short Name
SHELLCODE:ACTIVE:DCDR-1-TCP-CTS
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
SHELLCODE
Keywords
(TCP-CTS) 1 CVE-2005-1009 CVE-2005-1018 CVE-2005-3526 CVE-2008-1491 CVE-2009-2227 CVE-2010-3007 Decoder Loop bid:12967 bid:13102 bid:17063 bid:43105 bid:43836
Release Date
10/20/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3709
Port
TCP/1-24,26-79,81-134,136-442,444,446-65535
False Positive
Unknown
Vendors
B_labs
CVSS Score
10.0