Public exploits available
On this page
Microsoft BizTalk Server is an Enterprise Integration product that allows organizations to integrate applications, trading partners, and business processes. BizTalk is used in intranet environments to transfer business documents between different back-end systems as well as extranet environments to exchange structured messages with trading partners. This patch addresses two newly reported vulnerabilities in BizTalk Server.
The first vulnerability affects Microsoft BizTalk Server 2002 only. BizTalk Server 2002 provides the ability to exchange documents using the HTTP format. A buffer overrun exists in the component used to receive HTTP documents - the HTTP receiver - and could result in an attacker being able to execute code of their choice on the BizTalk Server.
This vulnerability could enable an attacker to run code of his or her choice in the security context of the IIS Server hosting the ISAPI extension. By default IIS 5.0 runs under a user account
Technical details (analysis)
This is a buffer overrun vulnerability. An attacker who successfully exploited this vulnerability could cause IIS to fail, or could cause code of the attacker's choice to be executed with system privileges. Code running with system privileges could provide the attacker with the ability to take any desired action on the machine, such as adding, deleting, or modifying data on the system, and creating or deleting user accounts. An attacker could seek to exploit this vulnerability by sending a specially malformed request to the HTTP Receiver. This request could cause a buffer overflow condition that would allow the attacker to execute code of his or her choice on the server.
Microsoft BizTalk Server 2000
Microsoft BizTalk Server 2002
All applications not on the affected list.
Release Date: 2003-04-30T00:00:00
Known false positives
No known false positives at this time.
There are no known work arounds