Vulnerabilities > CVE-2006-5614 - Remote Denial of Service vulnerability in Microsoft Windows NT Helper Components and Windows XP

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

high complexity

microsoft

exploit available

metasploit

NVD

Published: 2006-10-31

Updated: 2017-10-19

Summary

Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Windows NT Helper Components *	1
OS	Microsoft Microsoft Windows XP *	1

Exploit-Db

description	MS Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit. CVE-2006-5614. Dos exploit for windows platform
file	exploits/windows/dos/2672.py
id	EDB-ID:2672
last seen	2016-01-31
modified	2006-10-28
platform	windows
port
published	2006-10-28
reporter	h07
source	https://www.exploit-db.com/download/2672/
title	Microsoft Windows NAT Helper Components ipnathlp.dll Remote DoS Exploit
type	dos

Metasploit

description	This module exploits a denial of service vulnerability within the Internet Connection Sharing service in Windows XP.
id	MSF:AUXILIARY/DOS/WINDOWS/NAT/NAT_HELPER
last seen	2020-06-13
modified	2017-07-24
published	2006-12-08
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5614
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/windows/nat/nat_helper.rb
title	Microsoft Windows NAT Helper Denial of Service

Summary

Vulnerable Configurations

Exploit-Db

Metasploit

References