Totd Project: >> Totd Security Vulnerabilities
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-15
totd before 1.5.3 does not properly randomize mesg IDs.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-06-23