Uočen je sigurnosni propust u radu programskog paketa HP LoadRunner kojeg lokalni napadači mogu iskoristiti za pokretanje proizvoljnog programskog koda.
Paket:
HP LoadRunner 11.x
Operacijski sustavi:
HP-UX 11.x, Microsoft Windows XP, Microsoft Windows Vista, Microsoft Windows 7
Problem:
pogreška u programskoj komponenti
Iskorištavanje:
lokalno
Posljedica:
proizvoljno izvršavanje programskog koda
Rješenje:
ne postoji zakrpa
Izvorni ID preporuke:
SA50325
Izvor:
Secunia
Problem:
Propust je posljedica pogreške u "magentservice.exe" koja se očituje prilikom analize određenih primljenih paketa na TCP priključku 23472.
Posljedica:
Zlonamjernim korisnicima omogućuje pokretanje proizvoljnog programskog koda sa SYSTEM ovlastima.
HP LoadRunner magentservice.exe Buffer Overflow Vulnerability
Secunia Advisory SA50325
Release Date 2012-08-23
Criticality level Moderately criticalModerately critical
Impact System access
Where From local network
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Unpatched
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Remediation status Secunia VIM
Software:
HP LoadRunner 11.x
Secunia CVSS Score Available in Customer Area
CVE Reference(s) No CVE references.
Description
A vulnerability has been reported in HP LoadRunner, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in magentservice.exe when parsing certain received packets on TCP port 23472 and can be exploited to cause a stack-based buffer overflow.
Successful exploitation allows execution of arbitrary code with SYSTEM privileges.
Solution
No official solution is currently available.
Provided and/or discovered by
An anonymous person via ZDI.
Original Advisory
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-12-162/
Posljednje sigurnosne preporuke