Gentoo update for hesiod
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2016-10151 CVE-2016-10152 |
| CWE-ID | CWE-16 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Gentoo Linux Operating systems & Components / Operating system |
| Vendor | Gentoo |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Configuration error
EUVDB-ID: #VU12433
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10151
CWE-ID:
CWE-16 - Configuration
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the hesiod_init function in lib/hesiod.c due to comparing EUID with UID to determine whether to use configurations from environment variables. A local attacker can gain root privileges via the (1) HESIOD_CONFIG or (2) HES_DOMAIN environment variable and leveraging certain SUID/SGUID binary.
Update the affected packages.
net-dns/hesiod to version:
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/glsa/201805-01
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Configuration error
EUVDB-ID: #VU12434
Risk: Low
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10152
CWE-ID:
CWE-16 - Configuration
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges on the target system.
The weakness exists in the read_config_file function in lib/hesiod. due to falling back to the ".athena.mit.edu" default domain when opening the configuration file fails. A remote attacker can poison the DNS cache and gain root privileges.
Update the affected packages.
net-dns/hesiod to version:
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/glsa/201805-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
