Code injection

2022-08-1513:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.7%

JSON

dproxy-nexgen (aka dproxy nexgen) re-uses the DNS transaction id (TXID) value from client queries, which allows attackers (able to send queries to the resolver) to conduct DNS cache-poisoning attacks because the TXID value is known to the attacker.

References

sourceforge.net/projects/dproxy/

www.openwall.com/lists/oss-security/2022/08/14/3

www.usenix.org/conference/usenixsecurity22/presentation/jeitner