Signature Detail

HTTP: Microsoft Biztalk Server SQL Injection

This signature detects attempts to exploit a known vulnerability in Microsoft BizTalk Server 2000 and BizTalk Server 2002. Attackers can send maliciously crafted code to the BizTalk Server to execute arbitrary commands on a Microsoft Windows Server, with system privileges.

Extended Description

A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface. This vulnerability may be the result of inadequate sanitization of user-supplied values for some parameters. A remote attacker may exploit this vulnerability by creating a malicious URL that includes specially crafted SQL queries to execute commands or compromise the database.

Affected Products

• Microsoft BizTalk Server 2000 Developer Edition SP1a
• Microsoft BizTalk Server 2000 Developer Edition SP2
• Microsoft BizTalk Server 2000 Developer Edition
• Microsoft BizTalk Server 2000 Enterprise Edition SP1a
• Microsoft BizTalk Server 2000 Enterprise Edition SP2
• Microsoft BizTalk Server 2000 Enterprise Edition
• Microsoft BizTalk Server 2000 Standard Edition SP1a
• Microsoft BizTalk Server 2000 Standard Edition SP2
• Microsoft BizTalk Server 2000 Standard Edition
• Microsoft BizTalk Server 2002 Developer Edition
• Microsoft BizTalk Server 2002 Enterprise Edition

References

• BugTraq: 7470
• CVE: CVE-2003-0118
• URL: http://www.microsoft.com/technet/security/bulletin/MS03-016.asp
• URL: http://www.securityfocus.com/bid/7470/discuss