
Vulnerability:Win/HTTP.Biztalk.RCE!CAN-2003-0117

Severity rating
Moderate

Class/Type
Vulnerability

Discovered date
2003-04-30T00:00:00

Attack vector
Remote

Authentication required
No

Public exploits available
Yes

Signature detection
Medium







Description

Microsoft BizTalk Server is an Enterprise Integration product that allows organizations to integrate applications, trading partners, and business processes. BizTalk is used in intranet environments to transfer business documents between different back-end systems, as well as in extranet environments to exchange structured messages with trading partners. This patch addresses two newly reported vulnerabilities in BizTalk Server. The first vulnerability affects Microsoft BizTalk Server 2002 only. BizTalk Server 2002 provides the ability to exchange documents using the HTTP format. A buffer overrun exists in the component used to receive HTTP documents (the HTTP receiver) and could result in an attacker being able to execute code of their choice on the BizTalk Server.



Impact

This vulnerability could enable an attacker to run code of his or her choice in the security context of the IIS Server hosting the ISAPI extension. By default IIS 5.0 runs under a user account



Technical details (analysis)

This is a buffer overrun vulnerability. An attacker who successfully exploited this vulnerability could cause IIS to fail, or could cause code of the attacker's choice to be executed with system privileges. Code running with system privileges could provide the attacker with the ability to take any desired action on the machine, such as adding, deleting, or modifying data on the system, and creating or deleting user accounts. An attacker could seek to exploit this vulnerability by sending a specially malformed request to the HTTP Receiver. This request could cause a buffer overflow condition that would allow the attacker to execute code of his or her choice on the server.



Affected software

Microsoft BizTalk Server 2000
Microsoft BizTalk Server 2002



Non-affected software

All applications not on the affected list.



References




Solutions




NIS signature

Name: Vulnerability:Win/HTTP.Biztalk.RCE!CAN-2003-0117
Release Date: 2003-04-30T00:00:00



Known false positives

No known false positives at this time.



Work-arounds

There are no known workarounds.