Lucene search
K

316 matches found

seebug.org
seebug.org
added 2007/12/27 12:0 a.m.25 views

Mercury LoadRunner XUpload ActiveX控件缓冲区溢出漏洞

BUGTRAQ ID: CNCAN ID:CNCAN-2007122709 Mercury LoadRunner是一款预测系统行为和性能的负载测试工具。 Mercury LoadRunner包含的XUpload ActiveX控件存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 XUpload ActiveX控件对"AddFolder"方法缺少正确的边界错误,构建恶意的WEB页,诱使用户访问,可触发缓冲区溢出,精心构建提交数据可能以应用程序进程权限执行任意指令。 HP LoadRunner 9.x Mercury LoadRunner 8.x --------...

6.9AI score
Exploits0
Saint
Saint
added 2007/02/16 12:0 a.m.30 views

HP Mercury LoadRunner mchan.dll buffer overflow

Added: 02/16/2007 CVE: CVE-2007-0446 BID: 22487 OSVDB: 33132 Background HP Mercury LoadRunner is a load testing solution. Problem A buffer overflow in the mchan.dll library allows remote attackers to execute arbitrary commands by sending a packet with a long serveripname field to port 54345/TCP...

10CVSS7.8AI score0.44457EPSS
Exploits5
Saint
Saint
added 2007/02/16 12:0 a.m.39 views

HP Mercury LoadRunner mchan.dll buffer overflow

Added: 02/16/2007 CVE: CVE-2007-0446 BID: 22487 OSVDB: 33132 Background HP Mercury LoadRunner is a load testing solution. Problem A buffer overflow in the mchan.dll library allows remote attackers to execute arbitrary commands by sending a packet with a long serveripname field to port 54345/TCP...

10CVSS7.8AI score0.44457EPSS
Exploits5
Saint
Saint
added 2007/02/16 12:0 a.m.22 views

HP Mercury LoadRunner mchan.dll buffer overflow

Added: 02/16/2007 CVE: CVE-2007-0446 BID: 22487 OSVDB: 33132 Background HP Mercury LoadRunner is a load testing solution. Problem A buffer overflow in the mchan.dll library allows remote attackers to execute arbitrary commands by sending a packet with a long serveripname field to port 54345/TCP...

10CVSS7.8AI score0.44457EPSS
Exploits5
Saint
Saint
added 2007/02/16 12:0 a.m.26 views

HP Mercury LoadRunner mchan.dll buffer overflow

Added: 02/16/2007 CVE: CVE-2007-0446 BID: 22487 OSVDB: 33132 Background HP Mercury LoadRunner is a load testing solution. Problem A buffer overflow in the mchan.dll library allows remote attackers to execute arbitrary commands by sending a packet with a long serveripname field to port 54345/TCP...

10CVSS7.8AI score0.44457EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2007/02/13 12:0 a.m.43 views

Mercury LoadRunner Agent server_ip_name Field Remote Buffer Overflow

The version of the LoadRunner Agent installed on the remote host contains a buffer overflow in 'mchan.dll' that can be exploited by an unauthenticated, remote attacker using a request with a long 'serveripname' field to crash the affected service or execute arbitrary code subject to the permissio...

10CVSS6AI score0.44457EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2007/02/13 12:0 a.m.71 views

HP LoadRunner Agent Service Detection

An HP LoadRunner Agent is listening on the remote host. This agent enables a LoadRunner Controller to communicate with the LoadRunner Load Generator on the remote host for performance testing. Note that Hewlett-Packard acquired LoadRunner in November 2006 as part of its acquisition of Mercury...

5.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/02/12 12:0 a.m.12 views

Mercury LoadRunner Detection

Binary data 3911.prm...

7.3AI score
Exploits0References1
securityvulns
securityvulns
added 2007/02/09 12:0 a.m.48 views

[security bulletin] HPSBGN02187 SSRT061280 rev.1 - Mercury LoadRunner, Performance Center, Monitor over Firewall, Remote Unauthenticated Arbitrary Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00854250 Version: 1 HPSBGN02187 SSRT061280 rev.1 - Mercury LoadRunner, Performance Center, Monitor over Firewall, Remote Unauthenticated Arbitrary Code Execution NOTICE: The information in this...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2007/02/09 12:0 a.m.28 views

HP Mercury LoadRunner Agent buffer overflow

magentproc.exe TCP/54345 stack buffer overrun on oversized serveripname paramter...

10CVSS4.1AI score0.44457EPSS
Exploits5References2Affected Software3
securityvulns
securityvulns
added 2007/02/09 12:0 a.m.52 views

ZDI-07-007: HP Mercury LoadRunner Agent Stack Overflow Vulnerability

ZDI-07-007: HP Mercury LoadRunner Agent Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-007.html February 8, 2007 -- CVE ID: CVE-2007-0446 -- Affected Vendor: Hewlett-Packard Mercury -- Affected Products: Mercury LoadRunner Agent 8.1 Mercury LoadRunner Agent 8.0...

10CVSS0.3AI score0.44457EPSS
Exploits5
Prion
Prion
added 2007/02/08 11:28 p.m.15 views

Stack overflow

Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long serveripname field to TCP port 54345, which trigge...

10CVSS8.3AI score0.44457EPSS
Exploits5References13Affected Software3
d2
d2
added 2007/02/08 11:28 p.m.64 views

DSquare Exploit Pack: D2SEC_MERCURY_LR

Name| d2secmercurylr ---|--- CVE| CVE-2007-0446 Exploit Pack| D2ExploitPack Description| HP Mercury LoadRunner 8.1 - Agent Stack Overflow Notes|...

10CVSS2AI score0.44457EPSS
Exploits5
NVD
NVD
added 2007/02/08 11:28 p.m.27 views

CVE-2007-0446

Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long serveripname field to TCP port 54345, which trigge...

10CVSS7.9AI score0.44457EPSS
Exploits5References13
Cvelist
Cvelist
added 2007/02/08 11:0 p.m.25 views

CVE-2007-0446

Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long serveripname field to TCP port 54345, which trigge...

7.9AI score0.44457EPSS
Exploits5References13
Zero Day Initiative
Zero Day Initiative
added 2007/02/08 12:0 a.m.32 views

Hewlett-Packard Mercury LoadRunner Agent Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Mercury LoadRunner Agent, Mercury Performance Center Agent and Mercury Monitor over Firewall. Authentication is not required to exploit this vulnerability. The specific flaw exists...

10CVSS4.9AI score0.44457EPSS
Exploits5References1
Rows per page
Query Builder