HP LoadRunner Web Tours DoS

No description provided...

[security bulletin] HPSBMA02533 SSRT080049 rev.1 - HP LoadRunner Web Tours 9.10 Remote Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02165172 Version: 1 HPSBMA02533 SSRT080049 rev.1 - HP LoadRunner Web Tours 9.10 Remote Denial of Service NOTICE: The information in this Security Bulletin should be acted upon as soon as possible...

CVE-2010-4028

Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors...

Code injection

Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors...

CVE-2010-4028

Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors...

CVE-2010-4028

Vulnerability CVE-2010-4028 affects HP LoadRunner Web Tours 9.10 and LoadRunner 9.1 and earlier. The issue is described as an unspecified vulnerability allowing remote denial of service, with potential for information disclosure or data modification via unknown vectors. HP’s Security Bulletin HPS...

ZDI-10-080: HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability

ZDI-10-080: HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-080 May 6, 2010 -- CVE ID: CVE-2010-1549 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard LoadRunner -- TippingPointTM IPS Custome...

[security bulletin] HPSBMA02201 SSRT071328 rev.1 - HP LoadRunner Agent on Windows, Remote Unauthenticated Arbitrary Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00912968 Version: 1 HPSBMA02201 SSRT071328 rev.1 - HP LoadRunner Agent on Windows, Remote Unauthenticated Arbitrary Code Execution NOTICE: The information in this Security Bulletin should be acte...

HP LoadRunner 9.0 - ActiveX AddFolder Buffer Overflow (Metasploit)

$Id: hploadrunneraddfolder.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2010-1549

Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors...

DSquare Exploit Pack: D2SEC_HPLR

Name| d2sechplr ---|--- CVE| CVE-2010-1549 Exploit Pack| D2ExploitPack Description| HP Mercury LoadRunner Agent Remote Code Execution Vulnerability Notes|...

CVE-2010-1549

CVE-2010-1549 affects HP LoadRunner Agent (Windows) prior to v9.50 and HP Performance Center prior to v9.50. The vulnerability lies in the magentproc.exe TCP service (port 54345) where a crafted, unauthenticated packet can trigger remote code execution (context: SYSTEM). Publicly documented explo...

CVE-2010-1549

Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors...

HP Mercury LoadRunner Agent Remote Command Execution

The version of the LoadRunner Agent installed on the remote host allows an unauthorized attacker to execute arbitrary commands on the remote system provided 'Secure Channel' is disabled which is disabled by default. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted...

Persits XUpload ActiveX MakeHttpRequest Directory Traversal

$Id: persitsxuploadtraversal.rb 7760 2009-12-08 21:24:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow

$Id: hploadrunneraddfolder.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Persits XUpload ActiveX AddFile Buffer Overflow

$Id: hploadrunneraddfile.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

HP LoadRunner XUpload.ocx ActiveX Control Arbitrary File Download

An arbitrary file download vulnerability exists in an HP LoadRunner ActiveX control. The vulnerability is due to a design flaw in a certain method. The method can be leveraged by attackers to execute arbitrary programs on the vulnerable host...

Persits XUpload ActiveX MakeHttpRequest Directory Traversal

This module exploits a directory traversal in Persits Software Inc's XUpload ActiveX controlversion 3.0.0.3 that's included in HP LoadRunner 9.5. By passing a string containing ".." sequences to the MakeHttpRequest method, an attacker is able to write arbitrary files to arbitrary locations on...