Vulnerability Description
The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets between two target hosts, which could cause one host to lower its MTU when transmitting to the other host.
CVSS Score
MEDIUM
References
- http://marc.info/?l=bugtraq&m=97958349623450&w=2
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5975
- http://marc.info/?l=bugtraq&m=97958349623450&w=2
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5975
FAQ
What is CVE-2001-0323?
CVE-2001-0323 is a vulnerability with a CVSS score of 6.4 (MEDIUM). The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets betw...
How severe is CVE-2001-0323?
CVE-2001-0323 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0323?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.