CVE-2010-0362

Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:N/I:P/A:N
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
zeuszeus_web_server
𝑥
≤ 4.3
zeuszeus_web_server
3.3
zeuszeus_web_server
3.3.1
zeuszeus_web_server
3.3.2
zeuszeus_web_server
3.3.3
zeuszeus_web_server
3.3.4
zeuszeus_web_server
3.3.5
zeuszeus_web_server
3.3.6
zeuszeus_web_server
3.3.7
zeuszeus_web_server
3.3.8
zeuszeus_web_server
3.4
zeuszeus_web_server
4.1
zeuszeus_web_server
4.1
zeuszeus_web_server
4.2
zeuszeus_web_server
4.2
zeuszeus_web_server
4.3
zeuszeus_web_server
4.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES