EIP-2026-103131

PRE-CVE

Half-Life Server 3.1.1.0 - Remote Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103131. PoCs published by greuff.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in Half-Life Linux servers (v3.1.1.0) by sending a maliciously crafted UDP packet. It leverages a 'call *%eax' instruction at a fixed address (0x0804AE93) to execute shellcode that binds a shell to port 30464.

Description

Half-Life Server 3.1.1.0 - Remote Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by greuff · cremotelinux

https://www.exploit-db.com/exploits/4541

View Code ZIP pw:eip

This exploit targets a stack-based buffer overflow in Half-Life Linux servers (v3.1.1.0) by sending a maliciously crafted UDP packet. It leverages a 'call *%eax' instruction at a fixed address (0x0804AE93) to execute shellcode that binds a shell to port 30464.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Half-Life Server v3.1.1.0 (Linux)

No auth needed

Prerequisites: Network access to the target server on UDP port 27015 · Target must be a Linux Half-Life server version 3.1.1.0

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026