CVE-2011-4789 : Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner

Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the vulnerable product is actually HP LoadRunner."

Published 2012-01-13 04:14:39

Updated 2025-04-11 00:51:22

Source HP Inc.

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2011-4789

HP » Diagnostics
cpe:2.3:a:hp:diagnostics:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2011-4789

EPSS FAQ

77.79%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 99 %

Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2011-4789

HP Diagnostics Server magentservice.exe Overflow

Disclosure Date: 2012-01-12

First seen: 2020-04-26

exploit/windows/misc/hp_magentservice

This module exploits a stack buffer overflow in HP Diagnostics Server magentservice.exe service. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. Originally found and posted by AbdulAziz Harir via ZDI. Authors: - Ab

More information

CVSS scores for CVE-2011-4789

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2011-4789

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-4789

http://osvdb.org/78309
http://www.securityfocus.com/bid/51398

HP LoadRunner 'magentservice.exe' Remote Stack Buffer Overflow Vulnerability
http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03216705
http://zerodayinitiative.com/advisories/ZDI-12-016/

ZDI-12-016 | Zero Day Initiative

Jump to