CVE-2001-1244

Multiple TCP Implementations - DoS

Title source: llm

Description

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Darren Reed · cdosmultiple

https://www.exploit-db.com/exploits/20997

View Code ZIP pw:eip

References (3)

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/2997

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6824

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/195457

Scores

EPSS 0.1680

EPSS Percentile 94.8%

Classification

Status draft

Affected Products (29)

freebsd/freebsd

hp/hp-ux

hp/hp-ux

hp/hp-ux

hp/vvos

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_nt

... and 14 more

Timeline

Published Jul 07, 2001

Tracked Since Feb 18, 2026