|
|
|
Vulnerability Note VU#596268Wonderware SuiteLink null pointer dereferenceOverviewA vulnerability in the way Wonderware SuiteLink handles malformed TCP packets could result in a denial of service.I. DescriptionWonderware SuiteLink is a protocol based on TCP/IP that runs as a service listening for connections on port 5413/tcp on Microsoft Windows operating systems. A vulnerability exists in the way the Wonderware SuiteLink Service slssvc.exe handles malformed TCP packets. According to Core Security Advisory CORE-2008-0129:Un-authenticated client programs connecting to the service can send a malformed packet that causes a memory allocation operation (a call to new() operator) to fail returning a NULL pointer. Due to a lack of error-checking for the result of the memory allocation operation, the program later tries to use the pointer as a destination for memory copy operation, triggering an access violation error and terminating the service. II. ImpactA remote, unauthenticated attacker may be able to cause a denial-of-service condition.III. SolutionApply an updateThis issue is addressed in Wonderware SuiteLink Version 2.0 Patch 01. Wonderware SuiteLink customers should refer to Wonderware Tech Alert 106 and Wonderware Security Manual - Securing Industrial Control Systems for more details.
References
This vulnerability was reported in Core Security Advisory CORE-2008-0129. This document was written by Chris Taschner.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||
Get Adobe Reader