Vulnerability Note VU#596268
Wonderware SuiteLink null pointer dereference
Overview
A vulnerability in the way Wonderware SuiteLink handles malformed TCP packets could result in a denial of service.
Description
Wonderware SuiteLink is a protocol based on TCP/IP that runs as a service listening for connections on port 5413/tcp on Microsoft Windows operating systems. A vulnerability exists in the way the Wonderware SuiteLink Service slssvc.exe handles malformed TCP packets. According to Core Security Advisory CORE-2008-0129: Un-authenticated client programs connecting to the service can send a malformed packet that causes a memory allocation operation (a call to new() operator) to fail returning a NULL pointer. Due to a lack of error-checking for the result of the memory allocation operation, the program later tries to use the pointer as a destination for memory copy operation, triggering an access violation error and terminating the service. |
Impact
A remote, unauthenticated attacker may be able to cause a denial-of-service condition. |
Solution
Apply an update |
Systems Affected (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Invensys | Affected | 06 May 2008 | 23 May 2008 |
| Wonderware | Affected | 06 May 2008 | 23 May 2008 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://www.coresecurity.com/?action=item&id=2187
- http://www.securityfocus.com/bid/28974
- http://secunia.com/advisories/30063/
- http://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002260.htm
- http://www.wonderware.com/support/web/secure/downloads/download_serve.asp?id=2355&url=http://www.wonderware.com/support/mmi/registered/patchfixes/SL2.0P1.zip
- http://www.wonderware.com/support/mmi/esupport/securitycentral/documents/BestPractices/WWSecGd041707
- http://portal.wonderware.com/sites/securitycentral/default.aspx
- http://www.milw0rm.com/exploits/6474
Credit
This vulnerability was reported in Core Security Advisory CORE-2008-0129.
This document was written by Chris Taschner.
Other Information
- CVE IDs: CVE-2008-2005
- Date Public: 05 May 2008
- Date First Published: 06 May 2008
- Date Last Updated: 17 Sep 2008
- Severity Metric: 3.07
- Document Revision: 14
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.