Linux Distros Unpatched Vulnerability : CVE-2016-10151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allo...

RHEL 5 : hesiod (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - hesiod: Use of hard-coded unsafe configuration if configuration file cannot be opened CVE-2016-10152 - Th...

EulerOS 2.0 SP3 : hesiod (EulerOS-SA-2022-1729)

According to the versions of the hesiod package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment...

Huawei EulerOS: Security Advisory for hesiod (EulerOS-SA-2022-1729)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : hesiod (EulerOS-SA-2022-1325)

According to the versions of the hesiod package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment...

Huawei EulerOS: Security Advisory for hesiod (EulerOS-SA-2022-1325)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2021-1852

Software: hesiod 3.2.1 OS: Cobalt 7.9 CVE-ID: CVE-2016-10151 CVE-Crit: HIGH CVE-DESC: The hesiodinit function in lib / hesiod.c in Hesiod 3.2.1 compares EUID to UID to determine whether to use configurations from environment variables, allowing local users to gain privileges via 1 HESIODCONFIG or...

Fedora 29 : hesiod (2018-792ff3cafa)

Fix CVE-2016-10152 hard-coded DNS fallback Fix CVE-2016-10151 weak SUID check Move package to autosetup Resolves: 1332509 Resolves: 1332494 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

Fedora 27 : hesiod (2018-25c6d1b417)

Fix CVE-2016-10152 hard-coded DNS fallback Fix CVE-2016-10151 weak SUID check Move package to autosetup Resolves: 1332509 Resolves: 1332494 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

GLSA-201805-01 : hesiod: Root privilege escalation

The remote host is affected by the vulnerability described in GLSA-201805-01 hesiod: Root privilege escalation Multiple vulnerabilities have been discovered in hesiod that have remained unaddressed. Please review the referenced CVE identifiers for details. Impact : A remote or local attacker may ...

UBUNTU-CVE-2016-10151

The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the 1 HESIODCONFIG or 2 HESDOMAIN environment variable and leveraging certain SUID/SGUID binary...

CVE-2016-10151

CVE-2016-10151 is tied to the Hesiod 3.2.1 package. The vulnerability arises in the hesiod_init function in lib/hesiod.c, which compares the effective user ID (EUID) with the real UID to decide whether to load configurations from environment variables. This logic can enable local users to elevate...

[SECURITY] [DLA 795-1] hesiod security update

Package : hesiod Version : 3.0.2-21+deb7u1 CVE IDs : CVE-2016-10151 CVE-2016-10152 Debian Bugs : 852094, 852093 It was discovered that there were two vulnerabilities in hesiod, Project Athenas DNS-based directory service: CVE-2016-10151: A weak SUID check allowing privilege elevation...