CVE-2022-33991

2022-08-1512:10:15

mitre

www.cve.org

cve

dproxy nexgen

dns queries

cd bit

disables

dnssec protection

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

34.1%

JSON

dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers.

References

sourceforge.net/projects/dproxy/

www.openwall.com/lists/oss-security/2022/08/14/3

www.usenix.org/conference/usenixsecurity22/presentation/jeitner