CVE-2022-33992

Description

DNRD (aka Domain Name Relay Daemon) 2.20.3 forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers.

Related CPE's

adomain_name_relay_daemon_projectdomain_name_relay_daemon2.20.3*******

References

http://dnrd.sourceforge.net/

ProductThird Party Advisory

https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner

Third Party Advisory

https://www.openwall.com/lists/oss-security/2022/08/14/1

Mailing ListThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io