CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Hesiod Project: >> Hesiod >> 3.0.2 Security Vulnerabilities

CVE-2016-10152

The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.

CVSS Score

9.8

EPSS Score

0.019

Published

2017-03-28

Page 1

Vulnerabilities

Vulnerable Software

Hesiod Project: >> Hesiod >> 3.0.2 Security Vulnerabilities

Products

Pricing

Contact Us