Vulnerability CVE-2001-1244 - CERT Civis.Net

Vulnerability Name:

CVE-2001-1244 (CCN-6824)

Assigned:

2001-07-07

Published:

2001-07-07

Updated:

2018-10-30

Summary:

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: BugTraq Mailing List, Sat Jul 07 2001 - 10:47:21 CDT
Small TCP packets == very large overhead == DoS?

Source: CCN
Type: BugTraq Mailing List, Sun Jul 08 2001 - 06:30:57 CDT
Re: Small TCP packets == very large overhead == DoS?

Source: CCN
Type: BugTraq Mailing List, Mon Jul 09 2001 - 10:49:37 CDT
RE: Small TCP packets == very large overhead == DoS?

Source: CCN
Type: BugTraq Mailing List, Mon Jul 09 2001 - 11:23:22 CDT
RE: Small TCP packets == very large overhead == DoS?

Source: CCN
Type: BugTraq Mailing List, Mon Jul 09 2001 - 18:30:10 CDT
Re: Small TCP packets == very large overhead == DoS?

Source: MITRE
Type: CNA
CVE-2001-1244

Source: MITRE
Type: CNA
CVE-2004-0002

Source: CCN
Type: cvs commit: src/sys/netinet ip_icmp.c tcp.h tcp_input.c tcp_subr.c tcp_usrreq.c tcp_var.h
cvs commit: src/sys/netinet ip_icmp.c tcp.h tcp_input.c tcp_subr.c tcp_usrreq.c tcp_var.h

Source: CCN
Type: OSVDB ID: 10385
Multiple TCP Implementation Mismatched MSS DoS

Source: CCN
Type: OSVDB ID: 6854
netinet TCP MSS Resource Exhaustion DoS

Source: BUGTRAQ
Type: UNKNOWN
20010708 Small TCP packets == very large overhead == DoS?

Source: BID
Type: Exploit, Vendor Advisory
2997

Source: CCN
Type: BID-2997
Multiple Vendor Small TCP MSS Denial of Service Vulnerability

Source: CCN
Type: BID-9572
FreeBSD NetINet TCP Maximum Segment Size Remote Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
tcp-mss-dos(6824)

Source: XF
Type: UNKNOWN
tcp-mss-dos(6824)

Vulnerable Configuration:

Configuration 1:

cpe:/o:freebsd:freebsd:4.3:-:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*

OR cpe:/o:hp:vvos:11.04:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.0:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.3:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:*:workstation:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*

OR cpe:/o:netbsd:netbsd:1.5:*:*:*:*:*:*:*

OR cpe:/o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:2.8:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:2.9:*:*:*:*:*:*:*

OR cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*

OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*

OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*

OR cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:*

OR cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*

OR cpe:/o:netbsd:netbsd:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:*:*:*:*:*:*:*:*

OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.04:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.20:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.23:*:*:*:*:*:*:*

OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.11i:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.31:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.10:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.2:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.4:*:*:*:*:*:*:*

Denotes that component is vulnerable