CVE-2004-2077

Nadeo Game Engine - Denial of Service via Malformed TCP Data to Port 2350

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2077. PoCs published by scrap.

AI-analyzed exploit summary This exploit sends arbitrary data to TCP port 2350 of the Nadeo Game Engine, causing a denial of service (DoS) by crashing or hanging the Trackmania game server. The PoC is a simple C program that establishes a connection and sends a crafted string.

Description

Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 allows remote attackers to cause a denial of service (server crash) via malformed data to TCP port 2350, possibly due to long values or incorrect size fields.

Exploits (1)

exploitdb WORKING POC VERIFIED

by scrap · cdoslinux

https://www.exploit-db.com/exploits/23662

View Code ZIP pw:eip

This exploit sends arbitrary data to TCP port 2350 of the Nadeo Game Engine, causing a denial of service (DoS) by crashing or hanging the Trackmania game server. The PoC is a simple C program that establishes a connection and sends a crafted string.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Nadeo Game Engine (Trackmania demo version)

No auth needed

Prerequisites: Network access to the target's TCP port 2350

MITRE ATT&CK