CVE-2001-1244

Multiple TCP Implementations - DoS

Title source: llm

Description

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Darren Reed · cdosmultiple

https://www.exploit-db.com/exploits/20997

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/195457

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6824

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/2997

Scores

EPSS 0.1680

EPSS Percentile 95.0%

Details

Status published

Products (20)

freebsd/freebsd 4.3

hp/hp-ux 11.00

hp/hp-ux 11.0.4

hp/hp-ux 11.11

hp/vvos 11.04

linux/linux_kernel 2.4.0

linux/linux_kernel 2.4.1

linux/linux_kernel 2.4.2

linux/linux_kernel 2.4.3

linux/linux_kernel 2.4.4

... and 10 more

Published Jul 07, 2001

Tracked Since Feb 18, 2026