HighProventia Network MFS, IBM Security Server Protection for Windows, Proventia-G 1.1 and earlier, Proventia Network IDS, Proventia Desktop, RealSecure Network, RealSecure Server Sensor, BlackICE Server Protection, BlackICE PC Protection, Proventia Network IPS, RealSecure Desktop, Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware:
This signature reports the use an excessively long string in a DPS message that will cause a buffer overflow.
High
Proventia Network MFS: XPU 1.88, IBM Security Server Protection for Windows: 1.0.914.1890, IBM Security Server Protection for Windows: 2.1.14.2400, Proventia-G 1.1 and earlier: XPU 24.49, Proventia Network IDS: XPU 24.49, Proventia Desktop: 1890, RealSecure Network: XPU 24.49, RealSecure Server Sensor: XPU 24.49, BlackICE Server Protection: 3.6.cpu, BlackICE PC Protection: 3.6cpu, Proventia Network IPS: XPU 1.88, RealSecure Desktop: epu, Proventia Server IPS for Linux technology: 1.88, Virtual Server Protection for Vmware: 1.0
Microsoft Business Solutions Great Plains: 7.5, Microsoft Business Solutions Dynamics: 6.0, Microsoft Business Solutions Dynamics: 7.0, Microsoft Dynamics GP: 9.0
Unauthorized Access Attempt
Microsoft Dynamics GP (formerly known as Great Plains) is vulnerable to multiple stack and heap-based buffer overflows in the Distributed Process Server (DPS) and Distributed Process Manager (DPM) components. By sending a specially-crafted DPS message containing an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Upgrade to the latest version of Microsoft Dynamics GP (10.0 or later), available from the Microsoft Web site. See References.
Microsoft Web site
What's new in Microsoft Dynamics GP 10.0
http://www.microsoft.com/dynamics/gp/product/10.mspx
ISS X-Force
Microsoft Dynamics GP DPS and DPM string buffer overflow
http://www.iss.net/security_center/static/25840.php
CVE
CVE-2006-5266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5266