CVE-2016-10152

NameCVE-2016-10152
DescriptionThe read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-796-1
NVD severityhigh (attack range: remote)
Debian Bugs852093

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
hesiod (PTS)wheezy3.0.2-21vulnerable
wheezy (security)3.0.2-21+deb7u1fixed
buster, sid, jessie, stretch3.2.1-3vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
hesiodsource(unstable)(unfixed)low852093
hesiodsourcewheezy3.0.2-21+deb7u1highDLA-796-1

Notes

[stretch] - hesiod <no-dsa> (Minor issue)
[jessie] - hesiod <no-dsa> (Minor issue)
https://github.com/achernya/hesiod/pull/10
https://bugzilla.redhat.com/show_bug.cgi?id=1332493

Search for package or bug name: Reporting problems