CVE-2001-1244
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
07/07/2001
Last modified:
03/04/2025
Description
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:*:workstation:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page