HP Security Bulletin HPSBMU02785 SSRT100526 2 - A potential security vulnerability has been identified with HP LoadRunner running on Windows. The vulnerability can be exploited remotely to execute arbitrary code or cause a Denial of Service (DoS). Revision 2 of this advisory.
f130f923dd784102922bffc000c85f47f31bc6b498859349a7d691f349df8431HP Security Bulletin HPSBMU02785 SSRT100526 - A potential security vulnerability has been identified with HP LoadRunner running on Windows. The vulnerability can be exploited remotely to execute arbitrary code. Revision 1 of this advisory.
5e611f74ef678506b1803d17a9fc1d90fe088854bdaeeab6f5877a1028eed5a3This Metasploit module exploits a stack buffer overflow in HP Diagnostics Server magentservice.exe service. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. Originally found and posted by AbdulAziz Harir via ZDI.
c6a14560edab2b9d9defb11e36b12526fd6aaa6d5fa8fa8faa2534b45739ade1Zero Day Initiative Advisory 12-016 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Diagnostics server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the HP Diagnostics server handles incoming packets with 0x00000000 as the first 32-bit value. The magentservice.exe process listens on port 23472 by default. It will eventually take that first dword, decrease it by one and use it as a size value to copy data into a stack buffer. The resulting stack-based buffer overflow can result in remote code execution under the system user.
f89cf1cca7956e3476a79653108a775954c6207b163d593dad96b7179e74c5f5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed