BID:53498

Wonderware Archestra SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability

Info

Wonderware Archestra SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability

Bugtraq ID:	53498
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	May 13 2012 12:00AM
Updated:	May 13 2012 12:00AM
Credit:	Luigi Auriemma
Vulnerable:	Wonderware SuiteLink 51.5.0.0 Wonderware SuiteLink 51.5 Wonderware InTouch 10.5

Not Vulnerable:	Wonderware Archestra SuiteLink 59 Wonderware Archestra SuiteLink 56

Discussion

Wonderware Archestra SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability

Wonderware Archestra SuiteLink is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to cause the application to crash, denying service to legitimate users.

Exploit / POC

Wonderware Archestra SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Solution / Fix

Wonderware Archestra SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].

References

Wonderware Archestra SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability

References:

Vendor Homepage (Wonderware)
Wonderware Products Homepage (Wonderware)
DOS Advisory (Luigi Auriemma)