VYPR
High severity7.0NVD Advisory· Published Mar 1, 2017· Updated Jun 17, 2026

CVE-2016-10151

CVE-2016-10151

Description

The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the (1) HESIOD_CONFIG or (2) HES_DOMAIN environment variable and leveraging certain SUID/SGUID binary.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Hesiod/Hesiod2 versions
    cpe:2.3:a:hesiod_project:hesiod:3.2.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:hesiod_project:hesiod:3.2.1:*:*:*:*:*:*:*
    • (no CPE)range: <3.2.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.