This Metasploit module exploits a remote command execution vulnerability in HP LoadRunner and HP Performance Center versions before 9.50. HP LoadRunner 12.53 and other versions are also most likely vulnerable if the (non-default) SSL option is turned off. By sending a specially crafted packet, an attacker can execute commands remotely. The service is vulnerable when the Secure Channel feature is disabled, which is the default.
0bfa24b3a3de55a83f6e1af498795fa6d0ddf8b35ad4a3fdfc280bd24cc80dd2
HP Security Bulletin - A potential security vulnerability has been identified with the HP Performance Center Agent running on Windows. The vulnerability could be exploited by a remote unauthenticated user to execute arbitrary code.
c28c089bb7e2b55d12d10cd135ce2619d9a5fbc8851ff9fbcf0681a576c06e87
Zero Day Initiative Advisory 10-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted packet will allow unauthenticated users to execute local commands. When a state of 0 or 4 is passed after the parameters, mchan.dll will process the commands on the host. This allows for remote code execution under the context of the SYSTEM user.
3a697f5301d22a62418676bae429ae274cd15b41bafb566750835d21ed410f17
HP Security Bulletin - A potential security vulnerability has been identified with the HP LoadRunner Agent running on Windows. The vulnerability could be exploited by a remote unauthenticated user to execute arbitrary code.
1778c04329294e34e18038a5d43bb6331b07a1a68d55165ce58abdbef6ba638a