1.7 - VU#204988

Executive Summary

Summary
Title	Kaseya's agent driver contains NULL pointer dereference

Informations
Name	VU#204988	First vendor Publication	2014-07-14
Vendor	VU-CERT	Last vendor Modification	2014-07-28
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:S/C:N/I:N/A:P)
Cvss Base Score	1.7	Attack Range	Local
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	3.1	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#204988

Kaseya's agent driver contains NULL pointer dereference

Original Release date: 14 Jul 2014 | Last revised: 28 Jul 2014

Overview

Kaseya's agent driver, kapfa.sys, is vulnerable to a NULL pointer dereference.

Description

CWE-476: NULL Pointer Dereference

Kaseya's agent driver, kapfa.sys, is vulnerable to a NULL pointer dereference.

Impact

A local authenticated attacker may be able to cause a denial-of-service condition or achieve code execution with the privileges of the Windows kernel.

Solution

Kaseya has released patches with the following instructions:

"For VSA Version 7.0, install patch 7.0.0.16 and then update your agents to version 7.0.0.3 or higher (Agent-> Upgrade Agent->Update Agent).

For VSA Version 6.5, install patch 6.5.0.17 and then update your agents to version 6.5.0.2 or higher (Agent-> Upgrade Agent->Update Agent).

For VSA 6.3 or earlier, it is recommended to upgrade the system to version 6.5 or 7.0."

Vendor Information (Learn More)

Vendor	Status	Date Notified	Date Updated
Kaseya, Inc.	Affected	14 Mar 2014	29 Apr 2014

If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group	Score	Vector
Base	6.8	AV:L/AC:L/Au:S/C:C/I:C/A:C
Temporal	5.5	E:POC/RL:U/RC:UC
Environmental	1.5	CDP:L/TD:L/CR:L/IR:M/AR:H

References

http://www.kaseya.com/
https://cwe.mitre.org/data/definitions/476.html

Credit

Thanks to Bill Finlayson for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

CVE IDs:CVE-2014-2926
Date Public:14 Jul 2014
Date First Published:14 Jul 2014
Date Last Updated:28 Jul 2014
Document Revision:26

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/204988

CPE : Common Platform Enumeration

Type	Description	Count
Application	Kaseya Virtual System Administrator cpe:2.3:a:kaseya:virtual_system_administrator:7.0:::::::* cpe:2.3:a:kaseya:virtual_system_administrator:6.5:::::::*	2

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-07-28 17:23:28	Multiple Updates
2014-07-25 13:18:45	Multiple Updates
2014-07-15 21:28:35	Multiple Updates
2014-07-15 05:27:28	Multiple Updates
2014-07-14 21:22:37	Multiple Updates
2014-07-14 17:21:34	First insertion