Back to search
CVE-2001-0877
Published: Mar 9, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#411059
third-party-advisory
x_refsource_CERT-VN
M-030
third-party-advisory
government-resource
x_refsource_CIAC
20020109 UPNP Denial of Service
mailing-list
x_refsource_BUGTRAQ
20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities
mailing-list
x_refsource_NTBUGTRAQ
20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
CA-2001-37
third-party-advisory
x_refsource_CERT
win-upnp-udp-dos(7722)
vdb-entry
x_refsource_XF
MS01-059
vendor-advisory
x_refsource_MS
3724
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now