CVE-2007-4370

Racer 0.5.3 beta 5 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2007-4370. PoCs published by Metasploit, fl0 fl0w, n00b, including Metasploit module exploits/windows/games/racer_503beta5.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow vulnerability in Racer v0.5.3 beta 5 by sending a maliciously crafted UDP packet to port 26000, allowing remote code execution.

Description

Multiple buffer overflows in the (1) client and (2) server in Racer 0.5.3 beta 5 allow remote attackers to execute arbitrary code via a long string to UDP port 26000.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16694

This Metasploit module exploits a buffer overflow vulnerability in Racer v0.5.3 beta 5 by sending a maliciously crafted UDP packet to port 26000, allowing remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Racer Car and Racing Simulator v0.5.3 beta 5 and earlier
No auth needed
Prerequisites: Network access to UDP port 26000 on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by fl0 fl0w · cremotewindows
https://www.exploit-db.com/exploits/8253

This exploit targets a remote stack buffer overflow in Racer vs 0.5.3 beta 5, allowing arbitrary code execution via crafted packets. It includes multiple payloads (e.g., Calc.exe, bind shell) and supports customizable target IP/port.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Racer vs 0.5.3 beta 5
No auth needed
Prerequisites: Network access to target · Target running vulnerable Racer version
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by n00b · perlremotewindows
https://www.exploit-db.com/exploits/4283

This exploit targets a buffer overflow vulnerability in Racer v0.5.3 beta 5 by sending a maliciously crafted UDP packet to port 26000, overwriting the EIP register and executing shellcode for a bind shell on port 4444.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Racer v0.5.3 beta 5
No auth needed
Prerequisites: Target running Racer v0.5.3 beta 5 with UDP port 26000 exposed · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/games/racer_503beta5.rb

This Metasploit module exploits a buffer overflow vulnerability in Racer v0.5.3 Beta 5 via UDP port 26000. It sends a maliciously crafted buffer to achieve remote code execution on vulnerable Windows systems.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Racer Car and Racing Simulator v0.5.3 Beta 5 and earlier
No auth needed
Prerequisites: Network access to UDP port 26000 · Vulnerable version of Racer installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25297
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4283
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/39601
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35991

Scores

EPSS 0.5920
EPSS Percentile 99.0%

Details

Status published
Products (1)
racer/racer 0.5.3
Published Aug 15, 2007
Tracked Since Feb 18, 2026