HighProventia Server IPS for Linux technology, Proventia-G 1.1 and earlier, Proventia Network MFS, Proventia Desktop, Proventia Network IPS, RealSecure Server Sensor, RealSecure Network, BlackICE PC Protection, Proventia Server IPS for Microsoft Windows technology, BlackICE Server Protection:
This signature reports DPS messages which have an excessively long IP address string.
High
Proventia Server IPS for Linux technology: 1.88, Proventia-G 1.1 and earlier: XPU 24.49, Proventia Network MFS: XPU 1.88, Proventia Desktop: 1890, Proventia Network IPS: XPU 1.88, RealSecure Server Sensor: XPU 24.49, RealSecure Network: XPU 24.49, BlackICE PC Protection: 3.6cpu, Proventia Server IPS for Microsoft Windows technology: 1.0.914.1890, BlackICE Server Protection: 3.6.cpu
Microsoft Business Solutions Great Plains: 7.5, Microsoft Business Solutions Dynamics: 6.0, Microsoft Business Solutions Dynamics: 7.0, Microsoft Dynamics GP: 9.0
Unauthorized Access Attempt
Microsoft Dynamics GP (formerly known as Great Plains) is vulnerable to multiple stack and heap-based buffer overflows in the Distributed Process Server (DPS) and Distributed Process Manager (DPM) components. By sending a specially-crafted DPS message containing an overly long IP address, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Upgrade to the latest version of Microsoft Dynamics GP (9.0 SP3 or 10.0 or later), available from the Microsoft Web site. See References.
Microsoft Web site
What's new in Microsoft Dynamics GP 10.0
http://www.microsoft.com/dynamics/gp/product/10.mspx
ISS X-Force
Microsoft Dynamics GP DPS and DPM IP address buffer overflow
http://www.iss.net/security_center/static/25841.php
CVE
CVE-2006-5266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5266