CVE-2022-33992 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-33992

CWE

https://cwe.mitre.org/data/definitions/.html

DNRD (aka Domain Name Relay Daemon) 2.20.3 forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers.

Affected Software

Name	Vendor	Start Version	End Version
Domain_name_relay_daemon	Domain_name_relay_daemon_project	2.20.3 (including)	2.20.3 (including)

References

http://dnrd.sourceforge.net/
https://www.openwall.com/lists/oss-security/2022/08/14/1
https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner
http://dnrd.sourceforge.net/
https://www.openwall.com/lists/oss-security/2022/08/14/1
https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner