Flaw found in power-plant software
Published: 19 May 2008 13:27 BST
A hole has been found in software used by critical national infrastructure organisations including oil, gas and power companies that could lead to a successful denial-of-service attack.
The vulnerability is in a protocol used in versions of SuiteLink by Wonderware running on Microsoft Windows. The software is used to communicate between components in Supervisory Control and Data Acquisition (Scada) systems. The protocol is proprietary, and used over TCP/IP networks.
The flaw in the Wonderware SuiteLink Service, as reported by security researcher Sebastian Muniz from Core Security Technologies, means unauthenticated client programs connecting to the SuiteLink Service prior to version 2.0 patch 1 can send a malformed packet that causes a memory allocation operation to fail, returning a null pointer.
Due to a lack of error-checking for the result of the memory allocation operation, the program later tries to use the pointer as a destination for memory copy operation, triggering an access violation error and terminating the service, reported Core Security.
The flaw is remotely exploitable, according to the Core Secure Technologies researcher. According to the Wonderware site: "One-third of the world's plants run Wonderware software solutions. Wonderware has sold over 450,000 software licences in approximately 100,000 plants worldwide, which is 33 percent of the world's 305,544 plants with 20 or more employees."
Software updates and advice on how to secure systems are available from the Wonderware website, and users must register on the site to view the advisory.
Did you find this article useful?
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
