4 matches found
CVE-2022-33991
CVE-2022-33991 affects dproxy-nexgen (dproxy nexgen), a DNS proxy/cache. The root issue is that it forwards and caches DNS queries with the CD (Check Disabled) bit set to 1, which disables DNSSEC protection from upstream resolvers. The CVE details provided show a CVSS v3.1 base score of 5.3 (Netw...
CVE-2022-33989
CVE-2022-33989 concerns dproxy-nexgen (dproxy nexgen), which uses a static UDP source port that is chosen randomly only at boot for upstream DNS queries. The limited entropy enables DNS cache poisoning since traffic injection becomes easier without a fresh, per-query port randomization. Connected...
CVE-2022-33990
CVE-2022-33990 affects dproxy-nexgen (dproxy nexgen). The issue stems from misinterpretation of special domain name characters causing domain names and their IP addresses to be cached in the misinterpreted form, enabling cache poisoning. The CVSS 3.1 base score is 7.5 (Network, Low attack complex...
CVE-2022-33988
CVE-2022-33988 affects dproxy-nexgen (DNS proxy). The issue is the reuse of the DNS TXID from client queries, enabling an attacker who can send queries to the resolver to perform DNS cache poisoning. Exploitation status is not detailed in the provided documents; no concrete patch/version remediat...