libhesiod.so is vulnerable to a privilege escalation. The library does not safely check the EUID with the UID parameters, overriding configuration values with environment variable. This can allow a malicious user to use the HESIOD_CONFIG
or HES_DOMAIN
environment variable to run arbitrary binaries.
CPE | Name | Operator | Version |
---|---|---|---|
libhesiod.so | eq | 0.0.0 |