Wonderware SuiteLink Vuln Now In Metasploit
Author: Dave Lewis
The Wonderware security vulnerability that was released back in March of this year has now found its way into the Metasploit framework.
The code example is available over on Milw0rm. It was posted yesterday.
From Secunia (May 08):
The vulnerability is caused due to an error within the Wonderware SuiteLink Service (slssvc.exe) when handling Registration packets. This can be exploited to cause the service to crash via a specially crafted Registration packet containing an overly large length field sent to default port 5413/TCP.
For more on this vulnerability check out CVE-2008-2005
Tags: SCADA, SCADA Security, Wonderware, Metasploit
