CVE-2004-1215

Kreed <= 1.05 - Denial of Service via Long UDP Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1215.

AI-analyzed exploit summary This exploit targets multiple vulnerabilities in Kreed <= 1.05, including a format string vulnerability via client nickname, a DoS via oversized packets, and script dialog errors. The code includes network communication functions and attack logic for triggering these issues.

Description

Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error.

Exploits (1)

exploitdb WORKING POC

cdoswindows

https://www.exploit-db.com/exploits/672

View Code ZIP pw:eip

This exploit targets multiple vulnerabilities in Kreed <= 1.05, including a format string vulnerability via client nickname, a DoS via oversized packets, and script dialog errors. The code includes network communication functions and attack logic for triggering these issues.

Classification

Working Poc 95%

Attack Type

Dos | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Kreed <= 1.05

No auth needed

Prerequisites: Network access to the target server · Target running Kreed <= 1.05

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=110201776207915&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/18344

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11799

Scores

EPSS 0.0582

EPSS Percentile 90.8%

Details

Status published

Products (1)

burut/kreed 1.5

Published Jan 10, 2005

Tracked Since Feb 18, 2026