Vulnerability Details : CVE-2016-10151
The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the (1) HESIOD_CONFIG or (2) HES_DOMAIN environment variable and leveraging certain SUID/SGUID binary.
Products affected by CVE-2016-10151
- cpe:2.3:a:hesiod_project:hesiod:3.2.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-10151
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-10151
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST | |
7.0
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
CWE ids for CVE-2016-10151
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-10151
-
https://github.com/achernya/hesiod/pull/9
Use secure_getenv() when it's available by nalind · Pull Request #9 · achernya/hesiod · GitHubIssue Tracking;Patch;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1332508
1332508 – (CVE-2016-10151) CVE-2016-10151 hesiod: Weak SUID check allowing privilege elevationIssue Tracking
-
http://www.securityfocus.com/bid/90952
Hesiod Security Bypass and Privilege Escalation Vulnerabilities
-
https://security.gentoo.org/glsa/201805-01
hesiod: Root privilege escalation (GLSA 201805-01) — Gentoo security
-
http://www.openwall.com/lists/oss-security/2017/01/21/1
oss-security - Re: CVE Request: two flaws in hesiod permitting privilege elevationPatch;Third Party Advisory
Jump to