CVE-2005-0621

Scrapland 1.0 and earlier - Denial of Service via Error Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0621. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit targets a denial-of-service (DoS) vulnerability in Scrapland <= 1.0 by sending malformed UDP packets to crash the server. It includes multiple attack vectors such as oversized text strings and invalid model references.

Description

Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cdoswindows

https://www.exploit-db.com/exploits/849

View Code ZIP pw:eip

This exploit targets a denial-of-service (DoS) vulnerability in Scrapland <= 1.0 by sending malformed UDP packets to crash the server. It includes multiple attack vectors such as oversized text strings and invalid model references.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Scrapland <= 1.0

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/14435

Third Party Advisory x_refsource_misc

http://aluigi.altervista.org/adv/scrapboom-adv.txt

Mailing List mailing-list x_refsource_fulldisc

http://marc.info/?l=full-disclosure&m=110961578504928&w=2

Scores

EPSS 0.0316

EPSS Percentile 86.3%

Details

Status published

Products (1)

enlight_software/scrapland 1.0

Published May 02, 2005

Tracked Since Feb 18, 2026