CVSS: 5.0EPSS: 97%CPEs: 4EXPL: 0CVE-2001-0877
https://notcve.org/view.php?id=CVE-2001-0877
Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system. Desbordamiento de buffer en UPnP (Universal Plug and Play) en Windows 98, 98E, Me y XP permite a atacantes remotos ejecutar código arbitrario por medio de (1) un anuncio SSDP malicioso que insta al cliente a conectarse a una máquina que ya tiene una enorme cantidad de tráfico, o (2) un anuncio SSDP malicioso a direcciones de broadcast o multicast, lo que podría causar que todos los clientes UPnP enviasen tráfico a un único sistema objetivo. • http://marc.info/?l=bugtraq&m=100887440810532&w=2 http://marc.info/?l=ntbugtraq&m=100887271006313&w=2 http://www.cert.org/advisories/CA-2001-37.html http://www.ciac.org/ciac/bulletins/m-030.shtml http://www.kb.cert.org/vuls/id/411059 http://www.securityfocus.com/archive/1/249238 http://www.securityfocus.com/bid/3724 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-059 https://exchange.xforce.ibmcloud.com/vulnerabilities/7722 •
CVSS: 5.0EPSS: 3%CPEs: 4EXPL: 0CVE-2001-0721
https://notcve.org/view.php?id=CVE-2001-0721
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. • http://marc.info/?l=bugtraq&m=100467787323377&w=2 http://marc.info/?l=bugtraq&m=100528449024158&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-054 •
CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 2CVE-2001-1055 – Microsoft Windows 98 - ARP Denial of Service
https://notcve.org/view.php?id=CVE-2001-1055
The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. • https://www.exploit-db.com/exploits/21040 http://www.securityfocus.com/archive/1/200323 http://www.securityfocus.com/bid/3113 https://exchange.xforce.ibmcloud.com/vulnerabilities/6924 •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2001-0238
https://notcve.org/view.php?id=CVE-2001-0238
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. • http://www.ciac.org/ciac/bulletins/l-074.shtml https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-022 https://exchange.xforce.ibmcloud.com/vulnerabilities/6405 •
CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 3CVE-2001-0324 – Microsoft Windows 98/2000 - UDP Socket Denial of Service
https://notcve.org/view.php?id=CVE-2001-0324
Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash. • https://www.exploit-db.com/exploits/20613 http://archives.neohapsis.com/archives/win2ksecadvice/2001-q1/0060.html http://www.securityfocus.com/bid/2340 •