CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.

Affected Software

Name	Vendor	Start Version	End Version
Freebsd	Freebsd	4.3 (including)	4.3 (including)
Hp-ux	Hp	11.00 (including)	11.00 (including)
Hp-ux	Hp	11.0.4 (including)	11.0.4 (including)
Hp-ux	Hp	11.11 (including)	11.11 (including)
Vvos	Hp	11.04 (including)	11.04 (including)
Linux_kernel	Linux	2.4.0 (including)	2.4.0 (including)
Linux_kernel	Linux	2.4.1 (including)	2.4.1 (including)
Linux_kernel	Linux	2.4.2 (including)	2.4.2 (including)
Linux_kernel	Linux	2.4.3 (including)	2.4.3 (including)
Linux_kernel	Linux	2.4.4 (including)	2.4.4 (including)
Linux_kernel	Linux	2.4.5 (including)	2.4.5 (including)
Windows_2000	Microsoft	*	*
Windows_nt	Microsoft	4.0 (including)	4.0 (including)
Windows_nt	Microsoft	4.0-sp1 (including)	4.0-sp1 (including)
Windows_nt	Microsoft	4.0-sp2 (including)	4.0-sp2 (including)
Windows_nt	Microsoft	4.0-sp3 (including)	4.0-sp3 (including)
Windows_nt	Microsoft	4.0-sp4 (including)	4.0-sp4 (including)
Windows_nt	Microsoft	4.0-sp5 (including)	4.0-sp5 (including)
Windows_nt	Microsoft	4.0-sp6 (including)	4.0-sp6 (including)
Windows_nt	Microsoft	4.0-sp6a (including)	4.0-sp6a (including)
Netbsd	Netbsd	1.5 (including)	1.5 (including)
Netbsd	Netbsd	1.5.1 (including)	1.5.1 (including)
Openbsd	Openbsd	2.8 (including)	2.8 (including)
Openbsd	Openbsd	2.9 (including)	2.9 (including)
Sunos	Sun	5.5.1 (including)	5.5.1 (including)
Sunos	Sun	5.7 (including)	5.7 (including)
Sunos	Sun	5.8 (including)	5.8 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-1244
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References