HP Diagnostics Server 'magentservice.exe' Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running HP Diagnostics Server and is prone to buffer overflow vulnerability.

Impact

Successful exploitation may allow remote attackers to execute arbitrary code within the context of the application or cause a denial of service condition. Impact Level: System/Application

Solution

Upgrade to HP LoadRunner 11.0 patch4 or later, For updates refer to http://www.hp.com/

Insight

The flaw is due to an error within the magentservice.exe process when processing a specially crafted request sent to TCP port 23472 and causing a stack-based buffer overflow.

Affected

HP Diagnostics Server 9.00

References

http://osvdb.org/show/osvdb/78309
http://seclists.org/bugtraq/2012/Jan/88
http://secunia.com/advisories/47574/
http://www.zerodayinitiative.com/advisories/ZDI-12-016/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4789

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player Multiple Vulnerabilities - Mar09 (Win)
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Mac OS X)
CA ARCserve Backup Multiple Bufffer Overflow Vulnerabilities
CursorArts ZipWrangler 'ZIP Processing' Buffer Overflow Vulnerability
Adobe Reader Buffer Overflow Vulnerability Sep09 (Win)

Take action and discover your vulnerabilities