HPE LoadRunner < 12.50 mchan.dll Packet Handling Invalid Memory Access DoS
High Nessus Plugin ID 97552
SynopsisAn application installed on the remote Windows host is affected by a denial of service vulnerability.
DescriptionThe version of HP LoadRunner installed on the remote Windows host is prior to 12.50 patch 3. It is, therefore, affected by a denial of service vulnerability in the mchan.dll library due to improper parsing of malformed packets. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to crash the service.
SolutionUpgrade to HP LoadRunner version 12.50 patch 3 or later.