SCADA: WonderWare SuiteLink slssvc.exe Denial of Service
This signature detects attempts to exploit a known vulnerability against WonderWare SuiteLink. A successful attack can result in a denial-of-service condition. This signature is exploit specific to the WonderWare exploit released by Core Impact.
Extended Description
Wonderware SuiteLink is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed. Versions prior to Wonderware SuiteLink 2.0 Patch 01 are vulnerable. UPDATE: References to Wonderware InTouch 8.0 have been removed; that software is not affected by this vulnerability.
Affected Products
Wonderware suitelink
Short Name
SCADA:WWSUITE
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
SCADA
Keywords
CVE-2008-2005 Denial Service SuiteLink WonderWare bid:28974 of slssvc.exe
Release Date
05/12/2008
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/5413
False Positive
Unknown
Vendors
Wonderware
CVSS Score
5.0