Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2001-0323 | First vendor Publication | 2001-06-02 |
Vendor | Cve | Last vendor Modification | 2017-12-19 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.4 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets between two target hosts, which could cause one host to lower its MTU when transmitting to the other host. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0323 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:19650 | |||
Oval ID: | oval:org.mitre.oval:def:19650 | ||
Title: | CRITICAL PATCH UPDATE JULY 2012 | ||
Description: | The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets between two target hosts, which could cause one host to lower its MTU when transmitting to the other host. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2001-0323 | Version: | 3 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
8816 | Multiple Vendor ICMP Path MTU Discovery Spoofing DoS Linux, some variants of BSD, and possibly other operating systems contain a flaw in their TCP/IP stacks that may allow a remote denial of service. The issue is triggered when spoofed "fragmentation required but DF set" ICMP packets (ICMP type 3, code 4) are sent to the machine. This will cause the machine to lower the MTU for connections to the spoofed address, significantly slowing throughput and efficiency, and will result in loss of availability for the platform. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2020-05-23 00:14:35 |
|
2017-12-19 09:22:05 |
|
2016-10-18 12:00:54 |
|
2013-10-11 13:22:54 |
|
2013-05-11 12:03:50 |
|