Main Vulnerability Database SB2022081631

SB2022081631 - DNS cache poisoning in totd

Published: August 16, 2022

Security Bulletin ID SB2022081631

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Use of insufficiently random values (CVE-ID: CVE-2022-34295)

The vulnerability allows a remote attacker to perform DNS cache poisoning attacks.

The vulnerability exists due to totd does not properly randomize message IDs. A remote attacker can send specially crafted DNS packets to the server and poison the DNS cache.

Remediation

Install update from vendor's website.

References

https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner
https://github.com/fwdillema/totd/commit/afd8a10a6a21f82a70940d1b43cff48143250399
https://github.com/fwdillema/totd/releases/tag/1.5.3
http://www.hit.bme.hu/~lencse/publications/JCST-Apr14-2.pdf