DNS: Microsoft Windows NAT Helper Remote Denial of Service
This signature detects attempts to exploit a known vulnerability against Microsoft Windows NAT Helper. A successful attack can result in a denial-of-service condition.
Extended Description
Microsoft Windows is prone to a remote denial-of-service vulnerability because the Server service fails to properly handle unexpected network traffic. Exploiting this issue may cause affected computers to crash, denying service to legitimate users. Reports indicate that this vulnerability can be used to disable the Windows firewall. To exploit this issue, an attacker must be able to send malformed network traffic from a network interface located in the LAN side of an affected computer.
Affected Products
Microsoft windows_xp_tablet_pc_edition
Short Name
DNS:EXPLOIT:MS-WIN-NAT-HLPR-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DNS
Keywords
CVE-2006-5614 Denial Helper Microsoft NAT Remote Service Windows bid:20804 of
Release Date
11/06/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Microsoft
CVSS Score
2.6