Vulnerability Details CVE-2001-1244
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.087
EPSS Ranking 92.0%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2001-1244
-
cpe:2.3:o:freebsd:freebsd:4.3
-
cpe:2.3:o:hp:hp-ux:11.0.4
-
cpe:2.3:o:hp:hp-ux:11.00
-
cpe:2.3:o:hp:hp-ux:11.11
-
cpe:2.3:o:hp:vvos:11.04
-
cpe:2.3:o:linux:linux_kernel:2.4.0
-
cpe:2.3:o:linux:linux_kernel:2.4.1
-
cpe:2.3:o:linux:linux_kernel:2.4.2
-
cpe:2.3:o:linux:linux_kernel:2.4.3
-
cpe:2.3:o:linux:linux_kernel:2.4.4
-
cpe:2.3:o:linux:linux_kernel:2.4.5
-
cpe:2.3:o:microsoft:windows_2000:*
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_nt:4.0
-
cpe:2.3:o:netbsd:netbsd:1.5
-
cpe:2.3:o:netbsd:netbsd:1.5.1
-
cpe:2.3:o:openbsd:openbsd:2.8
-
cpe:2.3:o:openbsd:openbsd:2.9
-
cpe:2.3:o:sun:sunos:5.5.1
-
cpe:2.3:o:sun:sunos:5.7
-
cpe:2.3:o:sun:sunos:5.8