CVE-2006-2379

Microsoft Windows 2000, Windows XP, and Windows Server 2003 - Remote Code Execution via IP Source Routing

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2379. PoCs published by Preddy.

AI-analyzed exploit summary This exploit leverages a buffer overflow in Windows 2000's TCP/IP stack via ICMP packets with Loose Source and Record Route IP options, causing a DoS (BSOD). It uses ping and traceroute/tracert commands to send malformed packets.

Description

Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Preddy · cdoswindows
https://www.exploit-db.com/exploits/1967

This exploit leverages a buffer overflow in Windows 2000's TCP/IP stack via ICMP packets with Loose Source and Record Route IP options, causing a DoS (BSOD). It uses ping and traceroute/tracert commands to send malformed packets.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Windows 2000 SP4 with NAT enabled
No auth needed
Prerequisites: Windows 2000 SP4 with NAT enabled · Network access to target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (18)

Core 18
Core References
Various Sources mailing-list x_refsource_fulldisc
http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18374
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20639
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483
Patch, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/722753
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-164A.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/438482/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/438609/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016290
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26834
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2329
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/26433

Scores

EPSS 0.5406
EPSS Percentile 98.9%

Details

CWE
CWE-119
Status published
Products (9)
microsoft/windows_2000 (5 CPE variants)
microsoft/windows_2003_server datacenter_64-bit sp1
microsoft/windows_2003_server enterprise (2 CPE variants)
microsoft/windows_2003_server enterprise_64-bit (2 CPE variants)
microsoft/windows_2003_server r2 (3 CPE variants)
microsoft/windows_2003_server standard (2 CPE variants)
microsoft/windows_2003_server standard_64-bit
microsoft/windows_2003_server web (2 CPE variants)
microsoft/windows_nt 4.0 (32 CPE variants)
Published Jun 13, 2006
Tracked Since Feb 18, 2026