HPE LoadRunner Shared Memory Name Construction RCE
High Nessus Plugin ID 91972
SynopsisA software performance testing application running on the remote host is affected by a remote code execution vulnerability.
DescriptionThe Hewlett Packard Enterprise (HPE) LoadRunner application running on the remote host is affected by a stack-based buffer overflow condition in mchan.dll, when constructing a shared memory file name, due to improper validation of the size of a user-supplied string. An unauthenticated, remote attacker can exploit this, via a long '-server_name' value, to execute arbitrary code with the privileges of the user running the application.
Note that LoadRunner reportedly is affected by other vulnerabilities, which can result in a denial of service; however, Nessus has not tested for these.
SolutionApply the appropriate patch or upgrade according to the vendor advisory.