CVE-2022-33990 Information

Description

Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.

Reference

https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner https://sourceforge.net/projects/dproxy/ https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner https://www.openwall.com/lists/oss-security/2022/08/14/3