CVE-2004-1208

Orbz 2.10 - Buffer Overflow via Long Password Field in Join Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1208. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Orbz <= 2.10 via UDP port 28000. It sends a crafted packet to trigger the overflow, potentially allowing remote code execution.

Description

Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long password field in a join request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cdoswindows

https://www.exploit-db.com/exploits/665

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Orbz <= 2.10 via UDP port 28000. It sends a crafted packet to trigger the overflow, potentially allowing remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Orbz <= 2.10

No auth needed

Prerequisites: Network access to UDP port 28000 on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/18298

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=110176280402580&w=2

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11774

Scores

EPSS 0.0762

EPSS Percentile 93.8%

Details

Status published

Products (6)

21-6_productions/orbz 2.5

21-6_productions/orbz 2.6

21-6_productions/orbz 2.7

21-6_productions/orbz 2.8

21-6_productions/orbz 2.9

21-6_productions/orbz 2.10

Published Jan 10, 2005

Tracked Since Feb 18, 2026