45 matches found
CVE-2010-0362
Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses...
CVE-2010-0359
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long string in an invalid Client Hello message...
EUVD-2000-0148
Malware in sbrugna...
EUVD-2010-0394
Malware in sbrugna...
EUVD-1999-0865
Malware in sbrugna...
EUVD-2010-0393
Malware in sbrugna...
CVE-2010-0363
Cross-site scripting XSS vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785...
CVE-2002-1785
Cross-site scripting XSS vulnerability in Zeus Administration Server in Zeus Web Server 4.0 through 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section parameter to index.fcgi...
CVE-1999-0883
Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine...
CVE-1999-0884
The Zeus web server administrative interface uses weak encryption for its passwords...
Zeus Web Server Detection
Checks whether Zeus Web Server is present on the target system and if so, tried to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GN...
Zeus Web Server 3.x Null Terminated Strings Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/977/info Appending %00 to the end of a CGI script filename will permit a remote client to view full contents of the script if the CGI module option allow CGIs anywhere is enabled. Scripts located in directories which are...
Zeus Web Server 4.x 'SSL2_CLIENT_HELLO' Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37829/info Zeus Web Server is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code...
Zeus Web Server 4.0/4.1 Admin Interface Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6144/info The Zeus Web Server contains a web based administration interface that is vulnerable to cross site scripting attacks. Due to insufficient sanitization of user-supplied input it is possible for an attacker to...
Update Protection against Zeus Web Server SSL2_Client_Hello Buffer Overflow
Zeus Web Server is a web server for Unix and Unix-like platforms. A buffer overflow was detected in Zeus Web Server SSL2 implementation SSL2CLIENTHELLO...
CVE-2010-0362
Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses...
CVE-2010-0359
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long string in an invalid Client Hello message...
Code injection
Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses...
Buffer overflow
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long string in an invalid Client Hello message...
Cross site scripting
Cross-site scripting XSS vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785...