medium
5
CWE
NVD-CWE-Other
Advisory Published
CVE Published
Updated

CVE-2001-1244

First published: Sat Jul 07 2001(Updated: )

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Microsoft Windows NT=4.0
OpenBSD=2.8
HPE HP-UX=11.11
Microsoft Windows NT=4.0-sp2
NetBSD NetBSD=1.5
OpenBSD=2.9
Sun SunOS=5.7
Sun SunOS=5.8
Microsoft Windows 2000=sp2
Microsoft Windows NT=4.0-sp1
Microsoft Windows NT=4.0-sp4
Microsoft Windows 2000
HPE HP-UX=11.00
Microsoft Windows NT=4.0-sp6a
NetBSD NetBSD=1.5.1
Linux Kernel=2.4.0
Linux Kernel=2.4.2
HPE HP-UX=11.0.4
Microsoft Windows NT=4.0-sp6
Microsoft Windows 2000=sp1
HP Virtual Voice Overhead System=11.04
Linux Kernel=2.4.5
Sun SunOS=5.5.1
FreeBSD FreeBSD=4.3
Linux Kernel=2.4.3
Linux Kernel=2.4.1
Linux Kernel=2.4.4
Microsoft Windows NT=4.0-sp3
Microsoft Windows NT=4.0-sp5

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2001-1244?

    CVE-2001-1244 is considered a high severity vulnerability due to its potential to cause denial of service by exhausting bandwidth and CPU resources.

  • How do I fix CVE-2001-1244?

    To fix CVE-2001-1244, you should update your TCP/IP stack and monitor your network traffic for unusual patterns that may exploit this vulnerability.

  • Which operating systems are affected by CVE-2001-1244?

    CVE-2001-1244 affects multiple operating systems including Microsoft Windows NT, OpenBSD, HP-UX, and various versions of Linux and SunOS.

  • What type of attack does CVE-2001-1244 enable?

    CVE-2001-1244 enables remote attackers to perform denial of service attacks by manipulating the maximum segment size (MSS) in TCP connections.

  • Is there any known exploit for CVE-2001-1244?

    Yes, there are known exploits for CVE-2001-1244 that leverage small MSS values to generate excessive TCP traffic, leading to denial of service.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203