The readconfigfile function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.
{ "binaries": [ { "binary_name": "hesiod", "binary_version": "3.2.1-3.1~build0.16.04.1" }, { "binary_name": "libhesiod0", "binary_version": "3.2.1-3.1~build0.16.04.1" } ], "availability": "No subscription required" }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-10152.json"
{ "binaries": [ { "binary_name": "hesiod", "binary_version": "3.2.1-3.1~build0.18.04.1" }, { "binary_name": "libhesiod0", "binary_version": "3.2.1-3.1~build0.18.04.1" } ], "availability": "No subscription required" }