CVE-2022-33993

Sažetak

Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.

Reference

http://dnrd.sourceforge.net/
https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner
https://www.openwall.com/lists/oss-security/2022/08/14/1
https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner

CVSS

Base:	5.3
Impact:	1.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	-

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Zadnje važnije ažuriranje

18-08-2022 - 17:48

Objavljeno

15-08-2022 - 12:15