CVE-2022-34294

Publication date

2022-08-15 11:53:52

Family

mitre

State

PUBLISHED

Description

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.