Vulnerabilities > CVE-2006-5614 - Remote Denial of Service vulnerability in Microsoft Windows NT Helper Components and Windows XP
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 1 |
Exploit-Db
description | MS Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit. CVE-2006-5614. Dos exploit for windows platform |
file | exploits/windows/dos/2672.py |
id | EDB-ID:2672 |
last seen | 2016-01-31 |
modified | 2006-10-28 |
platform | windows |
port | |
published | 2006-10-28 |
reporter | h07 |
source | https://www.exploit-db.com/download/2672/ |
title | Microsoft Windows NAT Helper Components ipnathlp.dll Remote DoS Exploit |
type | dos |
Metasploit
description | This module exploits a denial of service vulnerability within the Internet Connection Sharing service in Windows XP. |
id | MSF:AUXILIARY/DOS/WINDOWS/NAT/NAT_HELPER |
last seen | 2020-06-13 |
modified | 2017-07-24 |
published | 2006-12-08 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5614 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/windows/nat/nat_helper.rb |
title | Microsoft Windows NAT Helper Denial of Service |
References
- http://research.eeye.com/html/alerts/zeroday/20061028.html
- http://secunia.com/advisories/22592
- http://securitytracker.com/id?1017133
- http://www.osvdb.org/30096
- http://www.securityfocus.com/bid/20804
- http://www.vupen.com/english/advisories/2006/4248
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29917
- https://www.exploit-db.com/exploits/2672