HTTP: Microsoft Biztalk Server SQL Injection
This signature detects attempts to exploit a known vulnerability in Microsoft BizTalk Server 2000 and BizTalk Server 2002. Attackers can send maliciously crafted code to the BizTalk Server to execute arbitrary commands on a Microsoft Windows Server, with system privileges.
Extended Description
A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface. This vulnerability may be the result of inadequate sanitization of user-supplied values for some parameters. A remote attacker may exploit this vulnerability by creating a malicious URL that includes specially crafted SQL queries to execute commands or compromise the database.
Affected Products
Microsoft biztalk_server_2000_developer_edition
References
BugTraq: 7470
CVE: CVE-2003-0118
URL: http://www.microsoft.com/technet/security/bulletin/MS03-016.asp http://www.securityfocus.com/bid/7470/discuss
Short Name
HTTP:SQL:INJ:BIZTALK
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Biztalk CVE-2003-0118 Injection Microsoft SQL Server bid:7470
Release Date
05/29/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5