CyberSec.Space Logo
返回 CVE 浏览器

CVE-2010-0362

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile15.33th
Published2010年1月20日
Last Modified2026年4月23日

Vulnerability Description

Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.

Affected Platforms (CPE)

📦
Zeus

Zeus Web Server

<= 4.3
📦
Zeus

Zeus Web Server

= 3.3
📦
Zeus

Zeus Web Server

= 3.3.1
📦
Zeus

Zeus Web Server

= 3.3.2
📦
Zeus

Zeus Web Server

= 3.3.3
📦
Zeus

Zeus Web Server

= 3.3.4
📦
Zeus

Zeus Web Server

= 3.3.5
📦
Zeus

Zeus Web Server

= 3.3.6
📦
Zeus

Zeus Web Server

= 3.3.7
📦
Zeus

Zeus Web Server

= 3.3.8
📦
Zeus

Zeus Web Server

= 3.4
📦
Zeus

Zeus Web Server

= 4.1
📦
Zeus

Zeus Web Server

= 4.1
📦
Zeus

Zeus Web Server

= 4.2
📦
Zeus

Zeus Web Server

= 4.2
📦
Zeus

Zeus Web Server

= 4.3
📦
Zeus

Zeus Web Server

= 4.3

References & Advisories

🔗 http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
🔗 http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES

相关漏洞威胁

CVE-1999-088310.0

Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine.

CVE-2010-035910.0

Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon ...

CVE-1999-08845.0

The Zeus web server administrative interface uses weak encryption for its passwords.

CVE-2000-01495.0

Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.