vulnerability

Huawei EulerOS: CVE-2016-10152: hesiod security update

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Mar 28, 2017
Added
Mar 22, 2022
Modified
May 5, 2025

Description

The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.

Solution

huawei-euleros-2_0_sp5-upgrade-hesiod
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.