Detections
Analytics

HP LoadRunner < 11.52 Patch 1 Multiple Vulnerabilities

critical Nessus Plugin ID 70806

Language:

Synopsis

The remote Windows host has an application that is affected by multiple vulnerabilities.

Description

The version of HP LoadRunner installed on the remote host is prior to 11.52 Patch 1. It is, therefore, affected by multiple vulnerabilities :

 - Flaws exist in the Virtual User Generator that allow directory traversal outside of a restricted path. These can be exploited by a remote attacker to create files with arbitrary content, thus leading to remote code execution. (CVE-2013-4837, CVE-2013-4838)

 - A SQL injection vulnerability exists in the Virtual User Generator that allows remote attackers to acquire sensitive information, modify data, or cause a denial of service. (CVE-2013-4839)

 - A flaw exists in the Virtual User Generator when handling multiple unspecified methods that allows a remote attacker to read, write, or delete arbitrary files, thus leading to information disclosure or the execution of arbitrary code. (CVE-2013-6213)

Solution

Upgrade to HP LoadRunner 11.52 Patch 1 or later or apply the workaround.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-13-259/

https://www.zerodayinitiative.com/advisories/ZDI-13-260/

https://www.zerodayinitiative.com/advisories/ZDI-13-261/

https://www.zerodayinitiative.com/advisories/ZDI-14-100/

http://www.nessus.org/u?bf50511c

https://www.securityfocus.com/archive/1/531867/30/0/threaded

Plugin Details

Severity: Critical

ID: 70806

File Name: hp_loadrunner_11_52_1.nasl

Version: 1.15

Type: local

Agent: windows

Family: Windows

Published: 11/9/2013

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:hp:loadrunner

Required KB Items: SMB/Registry/Enumerated, installed_sw/HP LoadRunner

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/30/2013

Vulnerability Publication Date: 10/30/2013

Exploitable With

Metasploit (HP LoadRunner EmulationAdmin Web Service Directory Traversal)

Reference Information

CVE: CVE-2013-4837, CVE-2013-4838, CVE-2013-4839, CVE-2013-6213

BID: 63475, 63476, 63477, 66961

HP: HPSBMU02935, SSRT101191, SSRT101192, SSRT101193, SSRT101357, emr_na-c03969437