VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 20, 2010· Updated Apr 23, 2026

CVE-2010-0362

CVE-2010-0362

Description

Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.

Affected products

17
  • Zeus/Zeus Web Server17 versions
    cpe:2.3:a:zeus:zeus_web_server:3.3:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:zeus:zeus_web_server:3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:4.1:r1:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:4.2:r2:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:4.3:r3:*:*:*:*:*:*
    • cpe:2.3:a:zeus:zeus_web_server:*:r4:*:*:*:*:*:*range: <=4.3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.