Lucene search

MitreCVE-2006-5614

HistoryOct 31, 2006 - 1:07 a.m.

CVE-2006-5614

2006-10-3101:07:00

mitre

web.nvd.nist.gov

cve-2006-5614

microsoft

windows

nat

helper

components

ipnathlp.dll

denial of service

svchost.exe

crash

dns

query

null pointer dereference

nvd

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.971

Percentile

99.8%

JSON

Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference.

Affected configurations

Nvd

Node

microsoftwindows_nt_helper_components

Node

microsoftwindows_xpsp2tablet_pc

VendorProductVersionCPE
microsoftwindows_nt_helper_components*cpe:2.3:a:microsoft:windows_nt_helper_components:*:*:*:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_nt_helper_components	*	cpe:2.3:a:microsoft:windows_nt_helper_components::::::::
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::

References

research.eeye.com/html/alerts/zeroday/20061028.html

secunia.com/advisories/22592

securitytracker.com/id?1017133

www.osvdb.org/30096

www.securityfocus.com/bid/20804

www.vupen.com/english/advisories/2006/4248

exchange.xforce.ibmcloud.com/vulnerabilities/29917

www.exploit-db.com/exploits/2672

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.971

Percentile

99.8%

JSON

Related for CVE-2006-5614