CVE-2010-0362

Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
zeuszeus_web_server
𝑥
≤ 4.3
zeuszeus_web_server
3.3
zeuszeus_web_server
3.3.1
zeuszeus_web_server
3.3.2
zeuszeus_web_server
3.3.3
zeuszeus_web_server
3.3.4
zeuszeus_web_server
3.3.5
zeuszeus_web_server
3.3.6
zeuszeus_web_server
3.3.7
zeuszeus_web_server
3.3.8
zeuszeus_web_server
3.4
zeuszeus_web_server
4.1
zeuszeus_web_server
4.1:r1
zeuszeus_web_server
4.2
zeuszeus_web_server
4.2:r2
zeuszeus_web_server
4.3
zeuszeus_web_server
4.3:r3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES