Vulnerability Description
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 4.3 |
| Hp | Hp-Ux | 11.00 |
| Hp | Vvos | 11.04 |
| Linux | Linux Kernel | 2.4.0 |
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows Nt | 4.0 |
| Netbsd | Netbsd | 1.5 |
| Openbsd | Openbsd | 2.8 |
| Sun | Sunos | 5.5.1 |
References
- http://www.securityfocus.com/archive/1/195457
- http://www.securityfocus.com/bid/2997ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6824
- http://www.securityfocus.com/archive/1/195457
- http://www.securityfocus.com/bid/2997ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6824
FAQ
What is CVE-2001-1244?
CVE-2001-1244 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting la...
How severe is CVE-2001-1244?
CVE-2001-1244 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1244?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd, Hp Hp-Ux, Hp Vvos, Linux Linux Kernel, Microsoft Windows 2000.