Vulnerability Details CVE-2016-10152
The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.openwall.com/lists/oss-security/2017/01/21/1
- http://www.securityfocus.com/bid/90952
- https://bugzilla.redhat.com/show_bug.cgi?id=1332493
- https://github.com/achernya/hesiod/pull/10
- https://security.gentoo.org/glsa/201805-01
- http://www.openwall.com/lists/oss-security/2017/01/21/1
- http://www.securityfocus.com/bid/90952
- https://bugzilla.redhat.com/show_bug.cgi?id=1332493
- https://github.com/achernya/hesiod/pull/10
- https://security.gentoo.org/glsa/201805-01
Products affected by CVE-2016-10152
-
cpe:2.3:a:hesiod_project:hesiod:2.0.0
-
cpe:2.3:a:hesiod_project:hesiod:3.0.0
-
cpe:2.3:a:hesiod_project:hesiod:3.0.1
-
cpe:2.3:a:hesiod_project:hesiod:3.0.2
-
cpe:2.3:a:hesiod_project:hesiod:3.1.0
-
cpe:2.3:a:hesiod_project:hesiod:3.1.1
-
cpe:2.3:a:hesiod_project:hesiod:3.2.0
-
cpe:2.3:a:hesiod_project:hesiod:3.2.1