Denial of Service Vulnerability in Windows XP SP2 NAT Helper Components
CVE-2006-5614

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Nt Helper Components
Vendor: CVE Published:; 31 October 2006

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 88%

What is CVE-2006-5614?

The NAT Helper Components (ipnathlp.dll) of Microsoft Windows XP SP2, specifically when Internet Connection Sharing is enabled, are susceptible to a denial of service attack. Remote attackers can exploit this vulnerability by sending a malformed DNS query, leading to a null pointer dereference that crashes the svchost.exe process. This disruption could significantly affect network connectivity for users relying on the affected product.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2006-5614 - Proof of Concept

References

http://secunia.com/advisories/22592

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/20804

vdb-entryx_refsource_BID

http://research.eeye.com/html/alerts/zeroday/20061028.html

x_refsource_MISC

EPSS Score

88% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Oct 31, 2006
👾
Exploit known to exist
Oct 31, 2006
Vulnerability published
Oct 31, 2006
Vulnerability Reserved
Oct 30, 2006

CVE-2006-5614 Data

JSON