Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.8 views

RHEL 5 : hesiod (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - hesiod: Use of hard-coded unsafe configuration if configuration file cannot be opened CVE-2016-10152 - Th...

9.8CVSS9AI score0.0683EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/26 12:0 a.m.14 views

EulerOS 2.0 SP3 : hesiod (EulerOS-SA-2022-1729)

According to the versions of the hesiod package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment...

10CVSS7.8AI score0.0683EPSS
Exploits0References3
Rosalinux
Rosalinux
added 2021/07/02 5:4 p.m.24 views

Advisory ROSA-SA-2021-1852

Software: hesiod 3.2.1 OS: Cobalt 7.9 CVE-ID: CVE-2016-10151 CVE-Crit: HIGH CVE-DESC: The hesiodinit function in lib / hesiod.c in Hesiod 3.2.1 compares EUID to UID to determine whether to use configurations from environment variables, allowing local users to gain privileges via 1 HESIODCONFIG or...

10CVSS7.2AI score0.0683EPSS
Exploits0
OSV
OSV
added 2017/03/28 2:59 p.m.13 views

CVE-2016-10152

The readconfigfile function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache...

9.8CVSS7.5AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2017/03/28 2:59 p.m.16 views

CVE-2016-10152

The readconfigfile function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache...

10CVSS7.2AI score0.0683EPSS
Exploits0References2
Prion
Prion
added 2017/03/28 2:59 p.m.10 views

Design/Logic Flaw

The readconfigfile function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache...

10CVSS7.3AI score0.0683EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2017/03/28 2:0 p.m.31 views

CVE-2016-10152

The readconfigfile function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache...

10CVSS9.7AI score0.0683EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/03/01 8:59 p.m.16 views

CVE-2016-10151

The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the 1 HESIODCONFIG or 2 HESDOMAIN environment variable and leveraging certain SUID/SGUID binary...

7CVSS7.1AI score0.00391EPSS
Exploits0References1
NVD
NVD
added 2017/03/01 8:59 p.m.12 views

CVE-2016-10151

The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the 1 HESIODCONFIG or 2 HESDOMAIN environment variable and leveraging certain SUID/SGUID binary...

7CVSS8.1AI score0.00391EPSS
Exploits0References5
Prion
Prion
added 2017/03/01 8:59 p.m.11 views

Design/Logic Flaw

The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the 1 HESIODCONFIG or 2 HESDOMAIN environment variable and leveraging certain SUID/SGUID binary...

6.9CVSS6.9AI score0.00391EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2017/03/01 8:0 p.m.38 views

CVE-2016-10151

The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the 1 HESIODCONFIG or 2 HESDOMAIN environment variable and leveraging certain SUID/SGUID binary...

7CVSS8.2AI score0.00391EPSS
Exploits0
CVE
CVE
added 2017/03/01 8:0 p.m.73 views

CVE-2016-10151

CVE-2016-10151 is tied to the Hesiod 3.2.1 package. The vulnerability arises in the hesiod_init function in lib/hesiod.c, which compares the effective user ID (EUID) with the real UID to decide whether to load configurations from environment variables. This logic can enable local users to elevate...

7CVSS7.8AI score0.00391EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2017/03/01 8:0 p.m.18 views

CVE-2016-10151

The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the 1 HESIODCONFIG or 2 HESDOMAIN environment variable and leveraging certain SUID/SGUID binary...

8AI score0.00391EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2017/01/23 1:17 a.m.19 views

CVE-2016-10152

The readconfigfile function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache...

10CVSS6.2AI score0.0683EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/01/23 1:17 a.m.22 views

CVE-2016-10151

The hesiodinit function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the 1 HESIODCONFIG or 2 HESDOMAIN environment variable and leveraging certain SUID/SGUID binary...

6.9CVSS5.5AI score0.00391EPSS
Exploits0References1
Rows per page
Query Builder