Vulnerabilities > CVE-2013-4800 - Remote Code Execution vulnerability in HP LoadRunner
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 |
Exploit-Db
description | HP LoadRunner magentproc.exe Overflow. CVE-2013-4800. Remote exploit for windows platform |
id | EDB-ID:28809 |
last seen | 2016-02-03 |
modified | 2013-10-08 |
published | 2013-10-08 |
reporter | metasploit |
source | https://www.exploit-db.com/download/28809/ |
title | HP LoadRunner magentproc.exe Overflow |
Metasploit
description | This module exploits a stack buffer overflow in HP LoadRunner before 11.52. The vulnerability exists on the LoadRunner Agent Process magentproc.exe. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. |
id | MSF:EXPLOIT/WINDOWS/MISC/HP_LOADRUNNER_MAGENTPROC |
last seen | 2020-06-08 |
modified | 2017-07-24 |
published | 2013-10-03 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4800 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/hp_loadrunner_magentproc.rb |
title | HP LoadRunner magentproc.exe Overflow |
Nessus
NASL family | Gain a shell remotely |
NASL id | LOADRUNNER_AGENT_SERVER_IP_NAME_OVERFLOW.NASL |
description | The version of the LoadRunner Agent installed on the remote host contains a buffer overflow in |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 24327 |
published | 2007-02-13 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/24327 |
title | Mercury LoadRunner Agent server_ip_name Field Remote Buffer Overflow |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/123533/hp_loadrunner_magentproc.rb.txt |
id | PACKETSTORM:123533 |
last seen | 2016-12-05 |
published | 2013-10-07 |
reporter | juan vazquez |
source | https://packetstormsecurity.com/files/123533/HP-LoadRunner-magentproc.exe-Overflow.html |
title | HP LoadRunner magentproc.exe Overflow |
References
- http://osvdb.org/95644
- http://packetstormsecurity.com/files/123533
- http://www.securityfocus.com/bid/61446
- http://www.zerodayinitiative.com/advisories/ZDI-13-169
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85960
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03862772