Use of insufficiently random values in totd

#VU66542 Use of insufficiently random values in totd

Published: 2022-08-16

Vulnerability identifier: #VU66542

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34295

CWE-ID: CWE-330

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
totd
Server applications / DNS servers

Vendor: F.W. Dillema

Description

The vulnerability allows a remote attacker to perform DNS cache poisoning attacks.

The vulnerability exists due to totd does not properly randomize message IDs. A remote attacker can send specially crafted DNS packets to the server and poison the DNS cache.

Mitigation
Install update from vendor's website.

Vulnerable software versions

totd: 1.5.2

External links
http://www.usenix.org/conference/usenixsecurity22/presentation/jeitner
http://github.com/fwdillema/totd/commit/afd8a10a6a21f82a70940d1b43cff48143250399
http://github.com/fwdillema/totd/releases/tag/1.5.3
http://www.hit.bme.hu/~lencse/publications/JCST-Apr14-2.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

DNS cache poisoning in totd