CVE-2010-0359
published 2010-01-20CVE-2010-0359: Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute…
PriorityP357critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
19.62%
97.1th percentile
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zeus | zeus_web_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL RPC portmap rpc.xfsmd request TCP
suricata·2010-09-23
CVE-2002-0359 GPL RPC portmap rpc.xfsmd request TCP
GPL RPC portmap rpc.xfsmd request TCP
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap rpc.xfsmd request TCP"; flow:established,to_server; content:"|00 01 86 A0|"; depth:4; offset:16; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 05 F7|h"; within:4; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,5072; reference:bugtraq,5075; reference:cve,2002-0359; classtype:rpc-portmap-decode; sid:2102082; rev:11; metadata:created_at 2010_09_23, cve CVE_2002_0359, signature_severity Informational, updated_at 2024_03_08;)
No writeups or analysis indexed.
http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.htmlhttp://intevydis.com/vd-list.shtmlhttp://secunia.com/advisories/38056http://securitytracker.com/id?1023465http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTEShttp://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_releasedhttp://www.osvdb.org/61699http://www.securityfocus.com/bid/37829http://www.vupen.com/english/advisories/2010/0147http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.htmlhttp://intevydis.com/vd-list.shtmlhttp://secunia.com/advisories/38056http://securitytracker.com/id?1023465http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTEShttp://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_releasedhttp://www.osvdb.org/61699http://www.securityfocus.com/bid/37829http://www.vupen.com/english/advisories/2010/0147
2010-01-20
Published