Denial of Service Vulnerability in TCP Implementations by Multiple Vendors
CVE-2001-1244

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Nt
OpenBSD
HP-ux
Netbsd
Vendor
CVE Published:
7 July 2001

What is CVE-2001-1244?

Multiple TCP implementations are susceptible to attacks that exploit the maximum segment size (MSS). By setting the MSS to an extremely low value and requesting large amounts of data, attackers can cause significant bandwidth and CPU exhaustion. This results in an amplification of network traffic, as the server must process a greater number of smaller packets, overwhelming its resources and potentially leading to service disruption.

References

http://www.securityfocus.com/archive/1/195457
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/6824
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/2997
vdb-entryx_refsource_BID

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.