CVE-2001-0323

high

Description

The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets between two target hosts, which could cause one host to lower its MTU when transmitting to the other host.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/5975

http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://marc.info/?l=bugtraq&m=97958349623450&w=2

Details

Source: Mitre, NVD

Published: 2001-06-02

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.00741