[ISN] Brit infosec bod finds Kaseya ‘master admin’ remote code exec holes

http://www.theregister.co.uk/2015/09/24/brit_infosec_bod_finds_kaseya_master_admin_remote_code_exec_holes/

By Darren Pauli
The Register
24 Sep 2015

Three remote code execution and privilege escalation flaws have been reported in the Kaseya IT management software which, when chained, enable unauthenticated attackers to gain ‘master admin’ status.

The remote upload holes, reported by British Agile Information Security bod Pedro Ribeiro and since patched, allow attackers to upload arbitrary code to Kaseya Virtual System Administrator.

Any net crim can exploit one vulnerability (CVE-2015-6922) to upload and execute arbitrary code on the server under the context of IIS. That flaw, rated a severity score of 7.5, exists within the uploader.aspx page, which fails to enforce authentication and does not restrict destination file paths.

A privilege escalation flaw in the same feature, also rated 7.5 in severity, will make attackers ‘master admins’.

[…]
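The article names two missing controls in the upload page: no authentication check and no restriction on where an uploaded file may land. The following is an added illustration of what those two controls look like in a generic upload handler; it is not Kaseya's code and is not taken from the article or the advisory. The upload root, the allowed extension list, and the `UploadRequest` shape are all assumptions made for the example.

```python
"""
Added example (not Kaseya's code, not from the article): a minimal upload
handler with the two controls the article says uploader.aspx lacked,
an authentication check and confinement of the destination path to a
fixed upload directory. Paths, names and the request shape are assumed.
"""
import os
from dataclasses import dataclass

UPLOAD_ROOT = "/var/app/uploads"                       # assumed upload directory
ALLOWED_EXTENSIONS = {".txt", ".csv", ".pdf", ".png"}  # assumed allowlist; no server-executable types


@dataclass
class UploadRequest:
    authenticated: bool   # set by the session layer (assumed); never by the client
    filename: str         # client-supplied name: untrusted input
    content: bytes


class UploadRejected(Exception):
    """Raised for any upload that fails a control; the handler never writes."""


def safe_destination(filename: str, root: str = UPLOAD_ROOT) -> str:
    """Return an absolute path under root for the client-supplied filename,
    or raise UploadRejected if the name escapes root or has a bad extension."""
    # Treat backslashes as separators too, then keep only the final component.
    # This drops any directory part or '..' traversal the client sent.
    base = os.path.basename(filename.replace("\\", "/"))
    if base in ("", ".", ".."):
        raise UploadRejected("empty or dot filename")

    # Allowlist the extension so nothing the web server would execute is stored.
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise UploadRejected(f"extension {ext!r} not allowed")

    # Defence in depth: resolve both paths and prove the result is still inside root.
    root_abs = os.path.realpath(root)
    dest = os.path.realpath(os.path.join(root_abs, base))
    if os.path.commonpath([root_abs, dest]) != root_abs:
        raise UploadRejected("destination escapes upload root")
    return dest


def handle_upload(req: UploadRequest, root: str = UPLOAD_ROOT, write: bool = False) -> str:
    """Authenticate first, then compute a confined destination; write only on request."""
    if not req.authenticated:
        raise UploadRejected("authentication required")
    dest = safe_destination(req.filename, root)
    if write:
        with open(dest, "wb") as fh:
            fh.write(req.content)
    return dest


if __name__ == "__main__":
    # Constructed sample names: one acceptable, two that the controls reject.
    for name in ("report.csv", "../../wwwroot/page.aspx", "..\\..\\notes.txt"):
        try:
            print(name, "->", safe_destination(name))
        except UploadRejected as exc:
            print(name, "-> rejected:", exc)
```

The order matters: the authentication check runs before any filename handling, so an unauthenticated request never reaches the file system code at all, and the path check is evaluated on the resolved path rather than on the raw string the client sent.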