SHELLCODE: x86 Intel Architecture Instruction Set NOOP Slide (TCP-STC)
This signature detects attempts to exploit a known vulnerability against an x86 system. Attackers can send long strings of NOOPs to overflow the buffer and gain root access. To properly use this signature in your policy, override the default service binding to the services you wish to protect.
Extended Description
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
Affected Products
Isc bind
Short Name
SHELLCODE:X86:X90-NOOP-STC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SHELLCODE
Keywords
(TCP-STC) Architecture CVE-2002-0651 Instruction Intel NOOP Set Slide bid:5100 x86
Release Date
07/23/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3773
Port
TCP/0-79,81-442,444-3127,3129-7999,8001-8079,8081-65535
False Positive
Unknown
Vendors
Isc
CVSS Score
7.5