PT-2016-3207 · Mit · Hesiod

Carnil · Published 2016-05-03 · Updated 2018-10-21 · CVE-2016-10152

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Hesiod version 3.2.1

Description

The issue is in the read_config_file function in lib/hesiod.c, which falls back to the ".athena.mit.edu" default domain when opening the configuration file fails. This allows remote attackers to gain root privileges by poisoning the DNS cache, that is, by damaging the integrity of the DNS data through DNS cache manipulation.

Recommendations

For Hesiod version 3.2.1, consider disabling the read_config_file function as a temporary workaround until a patch is available. Restrict access to the DNS cache to minimize the risk of exploitation. Avoid using the default domain ".athena.mit.edu" in the configuration file to prevent potential manipulation.
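
The fallback described under Description, shown as a simplified C illustration beside a fail-closed variant that treats an unreadable configuration file as an error. This is an added example, not Hesiod's code; the function names, the rhs= line parsing and the sample path are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define DEFAULT_RHS ".athena.mit.edu" /* default domain named in the advisory */

/* Simplified parser (assumption): take the first "rhs=<domain>" line. */
static int parse_rhs(FILE *fp, char *rhs, size_t len)
{
    char line[256];
    while (fgets(line, sizeof line, fp) != NULL) {
        line[strcspn(line, "\r\n")] = '\0';
        if (strncmp(line, "rhs=", 4) == 0 && line[4] != '\0') {
            snprintf(rhs, len, "%s", line + 4);
            return 0;
        }
    }
    return -1; /* file readable but no domain configured */
}

/* Fail-open: an unreadable config silently selects the default domain. */
int load_rhs_fail_open(const char *path, char *rhs, size_t len)
{
    FILE *fp = fopen(path, "r");
    if (fp == NULL) {
        snprintf(rhs, len, "%s", DEFAULT_RHS);
        return 0; /* caller sees success and queries the default domain */
    }
    int rc = parse_rhs(fp, rhs, len);
    fclose(fp);
    return rc;
}

/* Fail-closed: an unreadable config is an error and no domain is chosen. */
int load_rhs_fail_closed(const char *path, char *rhs, size_t len)
{
    FILE *fp = fopen(path, "r");
    if (fp == NULL)
        return -1;
    int rc = parse_rhs(fp, rhs, len);
    fclose(fp);
    return rc;
}

int main(void)
{
    char rhs[64] = "";
    const char *missing = "/nonexistent/hesiod.conf"; /* constructed path */
    int rc = load_rhs_fail_open(missing, rhs, sizeof rhs);
    printf("fail-open:   rc=%d rhs=\"%s\"\n", rc, rhs);
    rhs[0] = '\0';
    rc = load_rhs_fail_closed(missing, rhs, sizeof rhs);
    printf("fail-closed: rc=%d rhs=\"%s\"\n", rc, rhs);
    return 0;
}
```

With the fail-closed form the caller can refuse to perform lookups at all, rather than trusting answers for a domain the local administrator never configured.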

Fix


Weakness Enumeration

Related Identifiers

BDU:2017-02496
CVE-2016-10152
DLA-796-1

Affected Products

Hesiod