CVE-2016-10152

2017-03-28T10:59:00
ID CVE-2016-10152
Type cve
Reporter NVD
Modified 2017-03-31T16:26:24

Description

The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.