Stack Buffer Overflow Vulnerability in HP LoadRunner

May 20, 2015 HP released a fix for the stack buffer overflow vulnerability in HP LoadRunner 11.52. A potential security issue has been identified in HP LoadRunner 11.52 where the hacker can use LoadRunner agent to connect LG machines and execute malicious files. Then, the hacker can use the LG to perform malicious operations.

Security Vulnerability in HP LoadRunner
Security Vulnerability in HP LoadRunner

Solution:

  1. Go to https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01566261/555054e2002f909581606398/two_way_comm.dll
  2. Save the DLL file
  3. Replace the DLL file in the following places:
  4. %LOADRUNNER_INSTALL_DIRECTORY%\bin
  5. %LOADRUNNER_INSTALL_DIRECTORY%\launch_service\bin
  6. Above DLLs should be copied in wherever LoadRunner is installed such as Controller, Load Generator and MI Listener.

This vulnerability has been fixed already in HP LoadRunner 12.00 and above.

If you like my article, please do share in your favorite social media. Please do not forget to subscribe to my weekly newsletter, it is FREE.

About the Author

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Hamster - Launch JMeter Recent Test Plans SwiftlyDownload for free
+
Share via
Copy link