Fedora 28 update for hesiod
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2016-10152 CVE-2016-10151 |
| CWE-ID | CWE-16 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Fedora Operating systems & Components / Operating system hesiod Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Configuration error
EUVDB-ID: #VU12434
Risk: Low
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10152
CWE-ID:
CWE-16 - Configuration
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges on the target system.
The weakness exists in the read_config_file function in lib/hesiod. due to falling back to the ".athena.mit.edu" default domain when opening the configuration file fails. A remote attacker can poison the DNS cache and gain root privileges.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 28
hesiod: before 3.2.1-14.fc28
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-2018-2b274689e8
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Configuration error
EUVDB-ID: #VU12433
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10151
CWE-ID:
CWE-16 - Configuration
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the hesiod_init function in lib/hesiod.c due to comparing EUID with UID to determine whether to use configurations from environment variables. A local attacker can gain root privileges via the (1) HESIOD_CONFIG or (2) HES_DOMAIN environment variable and leveraging certain SUID/SGUID binary.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 28
hesiod: before 3.2.1-14.fc28
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-2018-2b274689e8
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
