CyberSec.Space Logo
Back to CVE Browser

CVE-2010-0362

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile15.33th
PublishedJan 20, 2010
Last ModifiedApr 23, 2026

Vulnerability Description

Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.

Affected Platforms (CPE)

πŸ“¦
Zeus

Zeus Web Server

<= 4.3
πŸ“¦
Zeus

Zeus Web Server

= 3.3
πŸ“¦
Zeus

Zeus Web Server

= 3.3.1
πŸ“¦
Zeus

Zeus Web Server

= 3.3.2
πŸ“¦
Zeus

Zeus Web Server

= 3.3.3
πŸ“¦
Zeus

Zeus Web Server

= 3.3.4
πŸ“¦
Zeus

Zeus Web Server

= 3.3.5
πŸ“¦
Zeus

Zeus Web Server

= 3.3.6
πŸ“¦
Zeus

Zeus Web Server

= 3.3.7
πŸ“¦
Zeus

Zeus Web Server

= 3.3.8
πŸ“¦
Zeus

Zeus Web Server

= 3.4
πŸ“¦
Zeus

Zeus Web Server

= 4.1
πŸ“¦
Zeus

Zeus Web Server

= 4.1
πŸ“¦
Zeus

Zeus Web Server

= 4.2
πŸ“¦
Zeus

Zeus Web Server

= 4.2
πŸ“¦
Zeus

Zeus Web Server

= 4.3
πŸ“¦
Zeus

Zeus Web Server

= 4.3

References & Advisories

πŸ”— http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
πŸ”— http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES

Related Vulnerabilities

CVE-1999-088310.0

Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine.

CVE-2010-035910.0

Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon ...

CVE-1999-08845.0

The Zeus web server administrative interface uses weak encryption for its passwords.

CVE-2000-01495.0

Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.