Описание
dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot time) in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.
Ссылки
- Third Party Advisory
- ExploitMailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitMailing ListThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dproxy-nexgen_project:dproxy-nexgen:-:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00282
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-331
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot time) in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.
EPSS
Процентиль: 51%
0.00282
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-331