Signature Detail
Short Name |
SCADA:WWSUITE |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
SCADA |
Keywords |
WonderWare SuiteLink slssvc.exe Denial of Service |
Release Date |
2008/05/12 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SCADA: WonderWare SuiteLink slssvc.exe Denial of Service
This signature detects attempts to exploit a known vulnerability against WonderWare SuiteLink. A successful attack can result in a denial-of-service condition. This signature is exploit specific to the WonderWare exploit released by Core Impact.
Extended Description
Wonderware SuiteLink is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed. Versions prior to Wonderware SuiteLink 2.0 Patch 01 are vulnerable. UPDATE: References to Wonderware InTouch 8.0 have been removed; that software is not affected by this vulnerability.
Affected Products
- Wonderware SuiteLink 2.0
References
- BugTraq: 28974
- CVE: CVE-2008-2005