PT-2010-2148 · Zeus · Zeus Web Server
Published
2010-01-20
·
Updated
2011-05-06
·
CVE-2010-0362
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Zeus Web Server versions prior to 4.3r5
Description
The issue makes it easier for remote attackers to spoof DNS responses due to the lack of random transaction IDs for DNS requests.
Recommendations
For Zeus Web Server versions prior to 4.3r5, update to version 4.3r5 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zeus Web Server