HP LoadRunner < 11.52 SSL Connection Handling Stack Buffer Overflow RCE
high Nessus Plugin ID 69424
Language:
New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.
VPR Score: 7.4
Synopsis
The remote host has a software performance testing application running that is affected by a remote code execution vulnerability.Description
The version of HP LoadRunner running on the remote host is affected by a remote code execution vulnerability due to a failure to validate the length of data before copying it into a fixed-size buffer when handling connections using SSL. A remote, unauthenticated attacker can exploit this, via a specially crafted request, to cause a stack-based buffer overflow, resulting in the execution of arbitrary code with SYSTEM privileges.Solution
Upgrade to HP LoadRunner 11.52 or later.See Also
https://www.tenable.com/security/research/tra-2013-05
Plugin Details
Severity: High
ID: 69424
File Name: hp_loadrunner_cve-2013-4800.nbin
Version: 1.11
Type: remote
Family: Gain a shell remotely
Published: 8/15/2013
Updated: 4/20/2021
Dependencies: loadrunner_agent_detect.nasl
Risk Information
Risk Factor: High
VPR Score: 7.4
CVSS v2.0
Base Score: 9.3
Temporal Score: 7.7
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Temporal Vector: E:F/RL:OF/RC:C
Vulnerability Information
CPE: cpe:/a:hp:loadrunner, cpe:/a:hp:mercury_loadrunner_agent
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 7/24/2013
Vulnerability Publication Date: 7/24/2013
Exploitable With
Metasploit (HP LoadRunner magentproc.exe Overflow)
ExploitHub (EH-13-896)
Reference Information
CVE: CVE-2013-4800
BID: 61446