Lucene search
+L
Dproxy-nexgen ProjectDproxy-nexgen

4 matches found

CVE
CVE
added 2022/08/15 12:10 p.m.63 views

CVE-2022-33991

CVE-2022-33991 affects dproxy-nexgen (dproxy nexgen), a DNS proxy/cache. The root issue is that it forwards and caches DNS queries with the CD (Check Disabled) bit set to 1, which disables DNSSEC protection from upstream resolvers. The CVE details provided show a CVSS v3.1 base score of 5.3 (Netw...

5.3CVSS5.3AI score0.00753EPSS
CVE
CVE
added 2022/08/15 12:10 p.m.60 views

CVE-2022-33989

CVE-2022-33989 concerns dproxy-nexgen (dproxy nexgen), which uses a static UDP source port that is chosen randomly only at boot for upstream DNS queries. The limited entropy enables DNS cache poisoning since traffic injection becomes easier without a fresh, per-query port randomization. Connected...

5.3CVSS5.4AI score0.00794EPSS
CVE
CVE
added 2022/08/15 12:10 p.m.58 views

CVE-2022-33990

CVE-2022-33990 affects dproxy-nexgen (dproxy nexgen). The issue stems from misinterpretation of special domain name characters causing domain names and their IP addresses to be cached in the misinterpreted form, enabling cache poisoning. The CVSS 3.1 base score is 7.5 (Network, Low attack complex...

7.5CVSS7.4AI score0.00938EPSS
CVE
CVE
added 2022/08/15 12:9 p.m.55 views

CVE-2022-33988

CVE-2022-33988 affects dproxy-nexgen (DNS proxy). The issue is the reuse of the DNS TXID from client queries, enabling an attacker who can send queries to the resolver to perform DNS cache poisoning. Exploitation status is not detailed in the provided documents; no concrete patch/version remediat...

7.5CVSS7.5AI score0.00908EPSS