CVE-2011-10020

HIGH

Kaillera Server 0.86 - DoS

Title source: llm

Description

Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server’s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability.

Exploits (2)

exploitdb WORKING POC

by Sil3nt_Dre4m · perlremotewindows

https://www.exploit-db.com/exploits/17460

View Code ZIP pw:eip

metasploit WORKING POC

by Sil3nt_Dre4m · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/games/kaillera.rb

View Code ZIP pw:eip

References (4)

[Various Sources] https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/dos/windows/games/kaillera.rb

[Various Sources] http://kaillera.com/

[Third Party Advisory] https://www.vulncheck.com/advisories/kaillera-server-dos-via-malformed-udp-packet

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/17460

Scores

CVSS v4 8.7

EPSS 0.4726

EPSS Percentile 97.7%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Details

CWE

CWE-20

Status published

Products (1)

Kaillera Project/Server < 0.86

Published Aug 20, 2025

Tracked Since Feb 18, 2026