Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities by zeus
CVE-2010-0363 (GCVE-0-2010-0363)
Vulnerability from nvd – Published: 2010-01-20 16:00 – Updated: 2024-09-17 04:09
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://support.zeus.com/zws/media/docs/4.3/RELEAS… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-01-20T16:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0363",
"datePublished": "2010-01-20T16:00:00.000Z",
"dateReserved": "2010-01-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:09:35.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0362 (GCVE-0-2010-0362)
Vulnerability from nvd – Published: 2010-01-20 16:00 – Updated: 2024-09-16 22:15
VLAI
Summary
Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://support.zeus.com/zws/media/docs/4.3/RELEAS… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-01-20T16:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0362",
"datePublished": "2010-01-20T16:00:00.000Z",
"dateReserved": "2010-01-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:15:44.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0359 (GCVE-0-2010-0359)
Vulnerability from nvd – Published: 2010-01-20 16:00 – Updated: 2024-09-16 22:56
VLAI
Summary
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/0147 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/61699 | vdb-entryx_refsource_OSVDB |
| http://support.zeus.com/zws/news/2010/01/13/zws_4… | x_refsource_CONFIRM |
| http://support.zeus.com/zws/media/docs/4.3/RELEAS… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1023465 | vdb-entryx_refsource_SECTRACK |
| http://intevydis.com/vd-list.shtml | x_refsource_MISC |
| http://www.securityfocus.com/bid/37829 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/38056 | third-party-advisoryx_refsource_SECUNIA |
| http://intevydis.blogspot.com/2010/01/zeus-web-se… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0147",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0147"
},
{
"name": "61699",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/61699"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
},
{
"name": "1023465",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023465"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "37829",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37829"
},
{
"name": "38056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38056"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-01-20T16:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-0147",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0147"
},
{
"name": "61699",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/61699"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
},
{
"name": "1023465",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023465"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "37829",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37829"
},
{
"name": "38056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38056"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0147",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0147"
},
{
"name": "61699",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61699"
},
{
"name": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released",
"refsource": "CONFIRM",
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"name": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
},
{
"name": "1023465",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023465"
},
{
"name": "http://intevydis.com/vd-list.shtml",
"refsource": "MISC",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "37829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37829"
},
{
"name": "38056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38056"
},
{
"name": "http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.html",
"refsource": "MISC",
"url": "http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0359",
"datePublished": "2010-01-20T16:00:00.000Z",
"dateReserved": "2010-01-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:56:40.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0362 (GCVE-0-2010-0362)
Vulnerability from cvelistv5 – Published: 2010-01-20 16:00 – Updated: 2024-09-16 22:15
VLAI
Summary
Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://support.zeus.com/zws/media/docs/4.3/RELEAS… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-01-20T16:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0362",
"datePublished": "2010-01-20T16:00:00.000Z",
"dateReserved": "2010-01-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:15:44.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0359 (GCVE-0-2010-0359)
Vulnerability from cvelistv5 – Published: 2010-01-20 16:00 – Updated: 2024-09-16 22:56
VLAI
Summary
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/0147 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/61699 | vdb-entryx_refsource_OSVDB |
| http://support.zeus.com/zws/news/2010/01/13/zws_4… | x_refsource_CONFIRM |
| http://support.zeus.com/zws/media/docs/4.3/RELEAS… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1023465 | vdb-entryx_refsource_SECTRACK |
| http://intevydis.com/vd-list.shtml | x_refsource_MISC |
| http://www.securityfocus.com/bid/37829 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/38056 | third-party-advisoryx_refsource_SECUNIA |
| http://intevydis.blogspot.com/2010/01/zeus-web-se… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0147",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0147"
},
{
"name": "61699",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/61699"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
},
{
"name": "1023465",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023465"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "37829",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37829"
},
{
"name": "38056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38056"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-01-20T16:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-0147",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0147"
},
{
"name": "61699",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/61699"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
},
{
"name": "1023465",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023465"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "37829",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37829"
},
{
"name": "38056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38056"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0147",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0147"
},
{
"name": "61699",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61699"
},
{
"name": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released",
"refsource": "CONFIRM",
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"name": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
},
{
"name": "1023465",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023465"
},
{
"name": "http://intevydis.com/vd-list.shtml",
"refsource": "MISC",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "37829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37829"
},
{
"name": "38056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38056"
},
{
"name": "http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.html",
"refsource": "MISC",
"url": "http://intevydis.blogspot.com/2010/01/zeus-web-server-ssl2clienthello.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0359",
"datePublished": "2010-01-20T16:00:00.000Z",
"dateReserved": "2010-01-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:56:40.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0363 (GCVE-0-2010-0363)
Vulnerability from cvelistv5 – Published: 2010-01-20 16:00 – Updated: 2024-09-17 04:09
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://support.zeus.com/zws/media/docs/4.3/RELEAS… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-01-20T16:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0363",
"datePublished": "2010-01-20T16:00:00.000Z",
"dateReserved": "2010-01-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:09:35.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}