Vulnerability Note VU#596268
Wonderware SuiteLink null pointer dereference
A vulnerability in the way Wonderware SuiteLink handles malformed TCP packets could result in a denial of service.
Wonderware SuiteLink is a protocol based on TCP/IP that runs as a service listening for connections on port 5413/tcp on Microsoft Windows operating systems. A vulnerability exists in the way the Wonderware SuiteLink Service slssvc.exe handles malformed TCP packets. According to Core Security Advisory CORE-2008-0129:
Un-authenticated client programs connecting to the service can send a malformed packet that causes a memory allocation operation (a call to new() operator) to fail returning a NULL pointer. Due to a lack of error-checking for the result of the memory allocation operation, the program later tries to use the pointer as a destination for memory copy operation, triggering an access violation error and terminating the service.
A remote, unauthenticated attacker may be able to cause a denial-of-service condition.
Apply an update
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Invensys||Affected||06 May 2008||23 May 2008|
|Wonderware||Affected||06 May 2008||23 May 2008|
CVSS Metrics (Learn More)
This vulnerability was reported in Core Security Advisory CORE-2008-0129.
This document was written by Chris Taschner.
- CVE IDs: CVE-2008-2005
- Date Public: 05 May 2008
- Date First Published: 06 May 2008
- Date Last Updated: 17 Sep 2008
- Severity Metric: 3.07
- Document Revision: 14
If you have feedback, comments, or additional information about this vulnerability, please send us email.