This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote host contains an application that is affected by multiple
Microsoft Dynamics GP (formerly known as Great Plains), is installed
on remote host. The installed version of Microsoft Dynamics GP is
affected by multiple vulnerabilities.
- By sending a specially crafted DPS message with a very
long IP address or a string, to Distributed Process
Server (DPS) or Distributed Process Manager (DPM), it
may be possible to overflow a buffer or execute
arbitrary code on the remote system.
- By sending a specially crafted DPS message, containing
an invalid magic number, it may be possible to cause a
denial of service condition and crash the remote system.
- By sending a specially crafted DPM message, it may be
possible to execute arbitrary code on the remote system.
It should be noted that code execution will generally result in a
complete compromise of the affected system.
See also :
Upgrade to Microsoft Dynamics GP 10.0 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false