PT-2011-2246 · Hewlett Packard · Hp Loadrunner

Published

2011-01-12

Updated

2017-08-17

CVE-2011-0272

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP LoadRunner version 9.52

Description The issue allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature.

Recommendations For HP LoadRunner version 9.52, consider restricting access to TCP ports 5001 and 5002 to minimize the risk of exploitation. As a temporary workaround, consider disabling the HttpTunnel feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2011-0272

ZDI-11-015

Affected Products

Hp Loadrunner

PT-2011-2246 · Hewlett Packard · Hp Loadrunner

CVE-2011-0272

Related Identifiers

Affected Products

References · 9