what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Microsoft Source Code Analyzer For SQL Injection 1.3 Improper Permissions

Microsoft Source Code Analyzer For SQL Injection 1.3 Improper Permissions
Posted Mar 16, 2011
Authored by LiquidWorm | Site zeroscience.mk

Microsoft Source Code Analyzer for SQL Injection is a static code analysis tool for finding SQL Injection vulnerabilities in ASP code. The package suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the "C" flag (Change(write)) for the "Everyone" group, for the binary file msscasi_asp.exe and the package itself, msscasi_asp_pkg.exe.

tags | exploit, vulnerability, sql injection, asp
SHA-256 | 985f1b8a0c9c7170bfff235022459884dade76cc7504b5ccb7d597a030b5d2e8

Microsoft Source Code Analyzer For SQL Injection 1.3 Improper Permissions

Change Mirror Download
Microsoft Source Code Analyzer for SQL Injection 1.3 Improper Permissions


Vendor: Microsoft Corp.
Product web page: http://www.microsoft.com
Affected version: 1.3.30601.30705

summary: Microsoft Source Code Analyzer for SQL Injection is a static
code analysis tool for finding SQL Injection vulnerabilities in ASP code.
Customers can run the tool on their ASP source code to help identify code
paths that are vulnerable to SQL Injection attacks.

Desc: The package suffers from an elevation of privileges vulnerability
which can be used by a simple user that can change the executable file
with a binary of choice. The vulnerability exist due to the improper
permissions, with the "C" flag (Change(write)) for the "Everyone" group,
for the binary file msscasi_asp.exe and the package itself, msscasi_asp_pkg.exe.

Tested on: Microsoft Windows XP Professional SP3 (EN)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
liquidworm gmail com


Advisory ID: ZSL-2011-5003
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5003.php


12.03.2011


-------------------------------------------


C:\Documents and Settings\User101\Desktop\msaspscan>dir
Volume in drive C has no label.
Volume Serial Number is 7C64-FE80

Directory of C:\Documents and Settings\User101\Desktop\msaspscan

12.03.2011 02:27 <DIR> .
12.03.2011 02:27 <DIR> ..
12.03.2011 02:27 <DIR> bin
03.07.2008 15:08 119.422 license.rtf
09.07.2008 10:43 107.544 microsoft.analysis.aspparser.dll
06.11.2007 20:24 524 microsoft.vc90.crt.manifest
09.07.2008 11:51 4.738.072 msscasi_asp.exe
09.07.2008 13:04 139 msscasi_view.cmd
06.11.2007 20:23 224.768 msvcm90.dll
07.11.2007 01:19 568.832 msvcp90.dll
07.11.2007 01:19 655.872 msvcr90.dll
08.07.2008 16:31 224.405 readme.html
12.03.2011 02:27 <DIR> scripts
9 File(s) 6.639.578 bytes
4 Dir(s) 16.956.391.424 bytes free

C:\Documents and Settings\User101\Desktop\msaspscan>cacls msscasi_asp.exe
C:\Documents and Settings\User101\Desktop\msaspscan\msscasi_asp.exe BUILTIN\Administrators:F
Everyone:C
LABPC\User101:F
NT AUTHORITY\SYSTEM:F


C:\Documents and Settings\User101\Desktop\msaspscan>
Login or Register to add favorites

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close