Vulnerability Description
Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the server does not experience any instability. Therefore this "laws of physics" issue might not be included in CVE
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Isa Server | 2000 |
References
- http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00018.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00031.html
- http://www.iss.net/security_center/static/7446.php
- http://www.securityfocus.com/bid/3501
- http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00018.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00031.html
- http://www.iss.net/security_center/static/7446.php
- http://www.securityfocus.com/bid/3501
FAQ
What is CVE-2001-1533?
CVE-2001-1533 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying...
How severe is CVE-2001-1533?
CVE-2001-1533 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1533?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Isa Server.