PT-2001-2041 · Microsoft · Windows 98SE +4
Published: 2001-12-20 · Updated: 2018-10-12
CVE-2001-0877
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
Windows versions 98, 98SE, ME, and XP
Description
The issue allows remote attackers to cause a denial of service. This can be achieved through a spoofed SSDP advertisement that causes the client to connect to a service on another machine generating a large amount of traffic, or via a spoofed SSDP announcement to broadcast or multicast addresses, potentially causing all clients to send traffic to a single target system.
Recommendations
For Windows 98, 98SE, ME, and XP, consider disabling the Universal Plug and Play (UPnP) service to prevent exploitation until a fix is available. Restrict access to SSDP announcements and advertisements to minimize the risk of denial of service attacks.
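A detection-side check for the spoofed advertisements described above, as an added example (not part of the original advisory or any vendor code): it flags SSDP NOTIFY datagrams whose LOCATION header points at a host other than the sender, and reports whether one client or every listener would be steered to that host. The function names, the 192.0.2.0/24 subnet and the sample datagrams are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

def parse_ssdp(payload: bytes):
    """Split an SSDP (HTTP-over-UDP) datagram into start line and headers."""
    lines = payload.decode("latin-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        if not line:
            break  # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().upper()] = value.strip()
    return lines[0].strip(), headers

def check_advertisement(src_ip, dst_ip, payload, subnet="192.0.2.0/24"):
    """Return None for an unremarkable datagram, else a finding dict."""
    start, headers = parse_ssdp(payload)
    location = headers.get("LOCATION")
    if not start.upper().startswith("NOTIFY ") or not location:
        return None
    host = ""
    try:
        host = urlsplit(location).hostname or ""
        if ipaddress.ip_address(host) == ipaddress.ip_address(src_ip):
            return None  # sender advertises itself (source may still be forged)
    except ValueError:
        pass  # hostname or malformed literal: cannot be tied to the sender
    dst = ipaddress.ip_address(dst_ip)
    net = ipaddress.ip_network(subnet)  # assumed local subnet, for directed broadcast
    wide = dst.is_multicast or dst in (net.broadcast_address,
                                       ipaddress.ip_address("255.255.255.255"))
    return {"sender": src_ip, "location_host": host,
            "scope": "all listeners" if wide else "single client"}

def notify(location):  # constructed sample datagram, not captured traffic
    return ("NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\n"
            "NTS: ssdp:alive\r\nLOCATION: %s\r\n\r\n" % location).encode()

SAMPLES = [  # (source IP, destination IP, payload), all constructed
    ("192.0.2.10", "239.255.255.250", notify("http://192.0.2.10:5000/desc.xml")),
    ("192.0.2.66", "192.0.2.20", notify("http://198.51.100.7/")),
    ("192.0.2.66", "239.255.255.250", notify("http://198.51.100.7/")),
]

if __name__ == "__main__":
    for src, dst, data in SAMPLES:
        print(src, "->", dst, check_advertisement(src, dst, data))
```

A matching LOCATION host does not prove the datagram is genuine, because the UDP source address can itself be forged; the check only surfaces advertisements that redirect clients to a third party.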
Fix
Related Identifiers
Affected Products
Universal Plug/Play
Windows 98
Windows 98SE
Windows ME
Windows XP