BizTalk Server SQL Injection

vendor:

BizTalk Server

by:

SecurityFocus

8.8

CVSS

HIGH

BizTalk Server SQL Injection

CWE

Product Name: BizTalk Server

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: No

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

BizTalk Server SQL Injection

A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface. This vulnerability may be the result of inadequate sanitization of user-supplied values for some parameters. A remote attacker may exploit this vulnerability by creating a malicious URL that includes specially crafted SQL queries to execute commands or compromise the database.

Mitigation:

Ensure that user-supplied values are properly sanitized before being used in database queries.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7470/info
 
A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface.
 
This vulnerability may be the result of inadequate sanitization of user-supplied values for some parameters. A remote attacker may exploit this vulnerability by creating a malicious URL that includes specially crafted SQL queries to execute commands or compromise the database. 

http://server/biztalktracking/RawCustomSearchField.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.xp_cmdshell 'any OS command'--

http://server/biztalktracking/RawCustomSearchField.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.sp_grantlogin 'domain\attacker'--