First published: Thu Dec 20 2001(Updated: )
Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 98SE | ||
Microsoft Windows Me | ||
Microsoft Windows 98 | =gold | |
Microsoft Windows XP | =gold |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.