GEN:SID 1:1424
Message SHELLCODE x86 0xEB0C NOOP
Summary This event is generated when suspicious shell code is detected in
network traffic.
Impact Denial of Service (DoS) possible execution of arbitrary code.
Detailed Information This event is generated when suspicious shell code is detected. Many
buffer overflow attacks contain large numbers of NOOP instrucions to pad
out the request. Other attacks contain specific shell code sequences
directed at certain applications or services.

The shellcode in question may also use Unicode encoding.
Affected Systems Any software running on x86 architecture.
Attack Scenarios An attacker may exploit a DCERPC service by sending shellcode in the RPC
data stream. Sending large amounts of data to the Microsoft Workstation
service can cause a buffer overflow condition in the logging function
thus presenting an attacker with the opportunity to issue a DoS attack
or in some cases, to execute code of their choosing.
Ease of Attack Simple. Many exploits exist.
Corrective Action Make sure the target host has all current patches applied and has the
latest software versions installed.
Additional References