SHELLCODE: Metasploit Decoder Routine for X86 Over HTTP

This signature detects payloads transferred over HTTP that have been encoded using a Metasploit X86 encoder routine. This could be an indication that the session is an attack coming from a Metasploit attacker.

Extended Description

HP OpenView Network Node Manager is prone to a remote code-execution vulnerability because the 'webappmon.exe' CGI application fails to adequately validate user-supplied input. Successful exploits can allow an attacker to execute arbitrary code with the privileges of the user running the webserver. Failed exploit attempts will likely result in denial-of-service conditions. OpenView Network Node Manager 7.51 and 7.53 are vulnerable.

Affected Products

Hp openview_network_node_manager

References

BugTraq: 42154 43289 33926

CVE: CVE-2010-2709

Short Name
SHELLCODE:MSF:DCX86-80C
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
SHELLCODE
Keywords
CVE-2010-2709 Decoder HTTP Metasploit Over Routine X86 bid:33926 bid:42154 bid:43289 for
Release Date
08/07/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Hp

CVSS Score

9.3
