Main Vulnerability Database Vulnerabilities #VU66539

Insecure configuration in dproxy - CVE-2022-33991

Published: August 16, 2022

Vulnerability identifier: #VU66539

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-33991

CWE-ID: CWE-16

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
dproxy

Software vendor:
dproxy

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to dproxy forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1, which in turn disables DNSSEC protection provided by upstream resolvers and allows to perform DNS cache poisoning.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner
https://www.openwall.com/lists/oss-security/2022/08/14/3

Insecure configuration in dproxy - CVE-2022-33991

Description

Remediation

External links

Please verify you're human