cbcvebase.
CVE-2010-0362
published 2010-01-20

CVE-2010-0362: Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.

PriorityP419medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
1.47%
70.5th percentile
Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.

Affected

14 ranges
VendorProductVersion rangeFixed in
zeuszeus_web_server<= 4.3
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
zeuszeus_web_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.