Lucene search

[email protected]CVE-2001-1533

HistoryDec 31, 2001 - 5:00 a.m.

CVE-2001-1533

2001-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

microsoft

isa server 2000

denial of service

fragmented udp packets

remote attack

7.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.098 Low

EPSS

Percentile

94.8%

JSON

Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the server does not experience any instability. Therefore this “laws of physics” issue might not be included in CVE

CPENameOperatorVersion
microsoft:isa_servermicrosoft isa servereq2000

CPE	Name	Operator	Version
microsoft:isa_server	microsoft isa server	eq	2000

References

cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00018.html

cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00031.html

www.iss.net/security_center/static/7446.php

www.securityfocus.com/bid/3501

7.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.098 Low

EPSS

Percentile

94.8%

JSON

Related for CVE-2001-1533

cvelist1