{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-20T00:00:00", "descriptions": [{"lang": "en", "value": "The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the \".athena.mit.edu\" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-21T09:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "90952", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/90952"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493"}, {"name": "[oss-security] 20170120 Re: CVE Request: two flaws in hesiod permitting privilege elevation", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2017/01/21/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/achernya/hesiod/pull/10"}, {"name": "GLSA-201805-01", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201805-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2016-10152", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the \".athena.mit.edu\" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "90952", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90952"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493"}, {"name": "[oss-security] 20170120 Re: CVE Request: two flaws in hesiod permitting privilege elevation", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2017/01/21/1"}, {"name": "https://github.com/achernya/hesiod/pull/10", "refsource": "CONFIRM", "url": "https://github.com/achernya/hesiod/pull/10"}, {"name": "GLSA-201805-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201805-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:14:42.364Z"}, "title": "CVE Program Container", "references": [{"name": "90952", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/90952"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493"}, {"name": "[oss-security] 20170120 Re: CVE Request: two flaws in hesiod permitting privilege elevation", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2017/01/21/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/achernya/hesiod/pull/10"}, {"name": "GLSA-201805-01", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201805-01"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10152", "datePublished": "2017-03-28T14:00:00", "dateReserved": "2017-01-20T00:00:00", "dateUpdated": "2024-08-06T03:14:42.364Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hesiod_project:hesiod:*:*:*:*:*:*:*:*", "matchCriteriaId": "019FDAF0-E93C-4F06-9466-CA53D27528E6", "versionEndIncluding": "3.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the \".athena.mit.edu\" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache."}, {"lang": "es", "value": "La funci\u00f3n read_config_file en lib/hesiod.c en Hesiod 3.2.1 cae de nuevo al dominio por defecto \".athena.mit.edu\" cuando abren el archivo de configuraci\u00f3n fallido, lo que permite a atacantes remotos obtener privilegios de root envenenando la cach\u00e9 DNS."}], "id": "CVE-2016-10152", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2017-03-28T14:59:00.247", "references": [{"source": "[email protected]", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2017/01/21/1"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/90952"}, {"source": "[email protected]", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493"}, {"source": "[email protected]", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/achernya/hesiod/pull/10"}, {"source": "[email protected]", "url": "https://security.gentoo.org/glsa/201805-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2017/01/21/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/90952"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/achernya/hesiod/pull/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201805-01"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "[email protected]", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Florian Weimer (Red Hat).", "bugzilla": {"description": "hesiod: Use of hard-coded unsafe configuration if configuration file cannot be opened", "id": "1332493", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493"}, "csaw": false, "cvss": {"cvss_base_score": "3.7", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "status": "draft"}, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-547", "details": ["The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the \".athena.mit.edu\" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache."], "name": "CVE-2016-10152", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "hesiod", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "hesiod", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "hesiod", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2016-05-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-10152\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-10152"], "statement": "Red Hat Product Security has rated this issue as having Low security\nimpact. This issue is not currently planned to be addressed in future\nupdates. For additional information, refer to the Issue Severity\nClassification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}