CVE-2001-1184

Name of the Vulnerable Software and Affected Versions Denicomp Winsock RSHD/NT versions 2.21.00 and earlier

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, via certain invalid port numbers. In versions 2.20.00 and earlier, using an invalid port number, such as a negative number, triggers a connection attempt to that port and all ports below 1024. In version 2.21.00, specifying a port number of 1024 achieves the same effect.

Recommendations For Denicomp Winsock RSHD/NT versions 2.21.00 and earlier, consider restricting access to the wrshdsp.exe component to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using invalid port numbers, especially negative numbers and the number 1024, in the affected application.