Intrusion Prevention



This indicates an attack attempt to exploit a Directory Traversal vulnerability in HP Loadrunner.
A vulnerability has been reported in Loadrunner that may allow an attacker to execute shell commands on a vulnerable system. This is possible because the user input filters fail to properly sanitize the "username" parameter value that is passed to "". An attacker may write a file to an arbitrary directory by sending a crafted HTTP POST request.

Affected Products

HP LoadRunner 9.1 and earlier versions.


Directory Traversal

Recommended Actions

Apply patch, available from the website:

CVE References