Lucene search
SAINT CorporationSAINT:A08F1221F5F9809F54ACEF82DA0F20BCHistoryFeb 16, 2007 - 12:00 a.m.
HP Mercury LoadRunner mchan.dll buffer overflow
2007-02-1600:00:00
SAINT Corporation
www.saintcorporation.com
21
EPSS
0.774
Percentile
98.2%
Added: 02/16/2007
CVE: CVE-2007-0446
BID: 22487
OSVDB: 33132
Background
HP Mercury LoadRunner is a load testing solution.
Problem
A buffer overflow in the **mchan.dll** library allows remote attackers to execute arbitrary commands by sending a packet with a long **server_ip_name** field to port 54345/TCP.
Resolution
Apply the fix referenced in the HP Security Bulletin.
References
<http://www.securityfocus.com/archive/1/459505>
Limitations
Exploit works on HP Mercury LoadRunner 8.1.
Platforms
Windows
Related
zdi
zdi
Hewlett-Packard Mercury LoadRunner Agent Stack Overflow Vulnerability
2007-02-08 00:00:00
saint
saint
HP Mercury LoadRunner mchan.dll buffer overflow
2007-02-16 00:00:00
HP Mercury LoadRunner mchan.dll buffer overflow
2007-02-16 00:00:00
HP Mercury LoadRunner mchan.dll buffer overflow
2007-02-16 00:00:00
cert
cert
HP Mercury products vulnerable to buffer overflow
2007-02-26 00:00:00
prion
prion
Stack overflow
2007-02-08 23:28:00
cve
cve
CVE-2007-0446
2007-02-08 23:28:00
d2
d2
DSquare Exploit Pack: D2SEC_MERCURY_LR
2007-02-08 23:28:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
HP Mercury LoadRunner Agent buffer overflow
2007-02-09 00:00:00
ZDI-07-007: HP Mercury LoadRunner Agent Stack Overflow Vulnerability
2007-02-09 00:00:00
cvelist
cvelist
CVE-2007-0446
2007-02-08 23:00:00
nvd
nvd
CVE-2007-0446
2007-02-08 23:28:00
nessus
nessus
Mercury LoadRunner Agent server_ip_name Field Remote Buffer Overflow
2007-02-13 00:00:00