CVE

Id
3145  
CVE No.
CVE-2001-0324  
Status
Candidate  
Description
Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash.  
Phase
Proposed (20010404)  
Votes
MODIFY(1) Frech | NOOP(2) Cole, Ziese | RECAST(1) LeBlanc | REVIEWING(3) Baker, Bishop, Wall  
Comments
LeBlanc> Sun"s Java specification does not provide for limits on the | number of sockets that can be opened. We didn"t write the spec, we just | implemented it. Aside from the issue of EX-CLIENT-DOS issues noted in my | comments on CVE-2001-0322, the vuln would need to be recast to show that | the actual problem lies in Java. If the description is recast to show | that the issue is in Sun"s Java specification, then please change my | vote to NOOP, as per the "don"t vote on issues with other vendors" rule. | Frech> XF:win-udp-dos(6070)  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
13108 3145 CVE-2001-0324 BUGTRAQ:20010206 Windows client UDP exhaustion denial of service  View
13109 3145 CVE-2001-0324 URL:http://archives.neohapsis.com/archives/win2ksecadvice/2001-q1/0060.html  View
13110 3145 CVE-2001-0324 BID:2340  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
64042 JVNDB-2001-000016 Microsoft Windows の UDP ソケットにおけるサービス運用妨害 (DoS) の脆弱性 Microsoft Windows には、多数の UDP ソケットを消費させることで、DNS による名前解決を不可能とする、あるいは、新規の TCP 接続の確立を不可能にすることが可能な脆弱性が存在します。 CVE-2001-0324 3145 2.6 http://jvndb.jvn.jp/ja/contents/2001/JVNDB-2001-000016.html  View