Security features bypass - CVE-2016-1567
Published: January 26, 2016 / Updated: August 3, 2020
Vulnerability identifier: #VU33078
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2016-1567
CWE-ID: CWE-254
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor:
Affected software:
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
How to mitigate CVE-2016-1567
Install update from vendor's website.
Sources
- http://chrony.tuxfamily.org/news.html#_20_jan_2016_chrony_2_2_1_and_chrony_1_31_2_released
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176559.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175969.html
- http://www.talosintel.com/reports/TALOS-2016-0071/