Denial of Service Vulnerability in Microsoft ISA Server 2000
CVE-2001-1533

Currently unrated

Key Information:

Vendor: Microsoft
Status: Isa Server
Vendor: CVE Published:; 31 December 2001

Summary

Microsoft Internet Security and Acceleration (ISA) Server 2000 is susceptible to a denial of service (DoS) vulnerability that can be triggered by remote attackers utilizing a flood of fragmented UDP packets. While the vendor claims the issue demands high bandwidth for successful exploitation, and asserts that it does not lead to server instability, the theoretical risk of performance degradation remains a concern for network administrators. Organizations using this product should be aware of the potential implications and consider implementing appropriate network defenses.

References

http://www.securityfocus.com/bid/3501

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/7446.php

vdb-entryx_refsource_XF

http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg0...

mailing-listx_refsource_BUGTRAQ

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2001