CVE-2001-1244
Last modified
CVE-2001-1244 is a vulnerability of currently unknown severity. Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.. EPSS estimates a 35.29% chance of exploitation in the next 30 days.
Description
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 4.3 |
| Hp | Hp-Ux | 11.00 |
| Hp | Hp-Ux | 11.0.4 |
| Hp | Hp-Ux | 11.11 |
| Hp | Vvos | 11.04 |
| Linux | Linux Kernel | 2.4.0 |
| Linux | Linux Kernel | 2.4.1 |
| Linux | Linux Kernel | 2.4.2 |
| Linux | Linux Kernel | 2.4.3 |
| Linux | Linux Kernel | 2.4.4 |
| Linux | Linux Kernel | 2.4.5 |
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows Nt | 4.0 |
| Netbsd | Netbsd | 1.5 |
| Netbsd | Netbsd | 1.5.1 |
| Openbsd | Openbsd | 2.8 |
| Openbsd | Openbsd | 2.9 |
| Sun | Sunos | 5.5.1 |
| Sun | Sunos | 5.7 |
| Sun | Sunos | 5.8 |
References
- http://www.securityfocus.com/bid/2997Exploit, Vendor Advisory
- http://www.securityfocus.com/bid/2997Exploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2001-1244?
How severe is CVE-2001-1244?
How do I fix CVE-2001-1244?
Are you affected by CVE-2001-1244?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST