{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2011-10020", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-08-18T18:16:21.770Z", "datePublished": "2025-08-20T15:35:41.803Z", "dateUpdated": "2025-08-22T16:21:17.838Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["UDP packet handler"], "product": "Server", "vendor": "Kaillera Project", "versions": [{"lessThanOrEqual": "0.86", "status": "affected", "version": "*", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Sil3nt_Dre4m"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server\u2019s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability."}], "value": "Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server\u2019s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability."}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-08-20T15:35:41.803Z"}, "references": [{"tags": ["exploit"], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/dos/windows/games/kaillera.rb"}, {"tags": ["exploit"], "url": "https://www.exploit-db.com/exploits/17460"}, {"tags": ["product"], "url": "http://kaillera.com/"}, {"tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/kaillera-server-dos-via-malformed-udp-packet"}], "source": {"discovery": "UNKNOWN"}, "tags": ["unsupported-when-assigned"], "title": "Kaillera 0.86 Server DoS via Malformed UDP Packet", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"references": [{"url": "https://www.exploit-db.com/exploits/17460", "tags": ["exploit"]}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/dos/windows/games/kaillera.rb", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-22T16:21:09.395156Z", "id": "CVE-2011-10020", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-22T16:21:17.838Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2011-10020", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-22T16:21:09.395156Z"}}}], "references": [{"url": "https://www.exploit-db.com/exploits/17460", "tags": ["exploit"]}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/dos/windows/games/kaillera.rb", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-22T16:20:58.543Z"}}], "cna": {"tags": ["unsupported-when-assigned"], "title": "Kaillera 0.86 Server DoS via Malformed UDP Packet", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Sil3nt_Dre4m"}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Kaillera Project", "modules": ["UDP packet handler"], "product": "Server", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "0.86"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/dos/windows/games/kaillera.rb", "tags": ["exploit"]}, {"url": "https://www.exploit-db.com/exploits/17460", "tags": ["exploit"]}, {"url": "http://kaillera.com/", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/kaillera-server-dos-via-malformed-udp-packet", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server\u2019s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability.", "supportingMedia": [{"type": "text/html", "value": "Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server\u2019s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-08-20T15:35:41.803Z"}}}, "cveMetadata": {"cveId": "CVE-2011-10020", "state": "PUBLISHED", "dateUpdated": "2025-08-22T16:21:17.838Z", "dateReserved": "2025-08-18T18:16:21.770Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-08-20T15:35:41.803Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.1"}

{"cveTags": [{"sourceIdentifier": "disclosure@vulncheck.com", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server\u2019s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability."}, {"lang": "es", "value": "La versi\u00f3n 0.86 de Kaillera Server es vulnerable a una condici\u00f3n de denegaci\u00f3n de servicio (DDS) que se activa al enviar un paquete UDP malformado tras el protocolo de enlace inicial. Una vez que un cliente env\u00eda un paquete HELLO0.83 v\u00e1lido y recibe una respuesta, cualquier paquete malformado posterior provoca el bloqueo del servidor y deja de responder. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta en el controlador de paquetes UDP del servidor, lo que permite a atacantes remotos no autenticados interrumpir la disponibilidad del servicio."}], "id": "CVE-2011-10020", "lastModified": "2025-08-22T18:09:17.710", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2025-08-20T16:15:34.327", "references": [{"source": "disclosure@vulncheck.com", "url": "http://kaillera.com/"}, {"source": "disclosure@vulncheck.com", "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/dos/windows/games/kaillera.rb"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/17460"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/kaillera-server-dos-via-malformed-udp-packet"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/dos/windows/games/kaillera.rb"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://www.exploit-db.com/exploits/17460"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{}