CVE-2010-0362

EUVD-2010-0393
Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
zeuszeus_web_server
𝑥
≤ 4.3
zeuszeus_web_server
3.3
zeuszeus_web_server
3.3.1
zeuszeus_web_server
3.3.2
zeuszeus_web_server
3.3.3
zeuszeus_web_server
3.3.4
zeuszeus_web_server
3.3.5
zeuszeus_web_server
3.3.6
zeuszeus_web_server
3.3.7
zeuszeus_web_server
3.3.8
zeuszeus_web_server
3.4
zeuszeus_web_server
4.1
zeuszeus_web_server
4.1:r1
zeuszeus_web_server
4.2
zeuszeus_web_server
4.2:r2
zeuszeus_web_server
4.3
zeuszeus_web_server
4.3:r3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES