Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Kaillera Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Kaillera Server version 0.86. The server's UDP packet handler does not adequately validate incoming data, so an unauthenticated remote attacker can disrupt the server's availability by sending malformed UDP packets. The only precondition is the protocol's initial handshake: the attacker first sends a valid HELLO0.83 greeting, which any client can do without credentials. Once that handshake is established, a single subsequent malformed packet causes the server to crash and become unresponsive.
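The pattern described above (a HELLO0.83 greeting followed by a datagram the server cannot parse) is something a defender can watch for on the wire. The following is an added detection example, not code from the advisory or from Kaillera itself. It assumes the greeting is the ASCII string HELLO0.83 with a trailing NUL, that the server's default port is 27888, and that post-handshake datagrams use the v0.86 bundle framing (a 1-byte message count, then per message a uint16 little-endian serial, a uint16 little-endian length that counts the type byte, a type byte, and the body); those framing details are assumptions, and the sample traffic is constructed. The bad bytes in the sample are illustrative only; they are not the input the Metasploit module sends and the example does not attempt to crash anything.

```python
"""Added example: flag a Kaillera HELLO0.83 handshake followed by a malformed
datagram from the same client. Not Kaillera's or the advisory's code; the
framing and port below are assumptions about the v0.86 protocol."""
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

Addr = Tuple[str, int]

# Assumption: the client greeting is "HELLO0.83" with a trailing NUL.
HELLO = b"HELLO0.83\x00"
# Assumption: Kaillera's default listening port.
KAILLERA_PORT = 27888


@dataclass(frozen=True)
class Datagram:
    src: Addr
    dst: Addr
    payload: bytes


def is_hello(payload: bytes) -> bool:
    """True for the HELLO0.83 greeting, with or without the trailing NUL."""
    return payload.rstrip(b"\x00") == b"HELLO0.83"


def bundle(messages: List[Tuple[int, int, bytes]]) -> bytes:
    """Pack (serial, type, body) triples under the assumed v0.86 framing:
    1-byte message count, then per message uint16-LE serial, uint16-LE length
    (type byte plus body), 1-byte type, body. Used here only to build sample traffic."""
    out = bytearray([len(messages)])
    for serial, mtype, body in messages:
        out += struct.pack("<HHB", serial, 1 + len(body), mtype) + body
    return bytes(out)


def framing_error(payload: bytes) -> Optional[str]:
    """Return why the datagram fails to parse under the assumed framing, or None."""
    if not payload:
        return "empty datagram"
    count = payload[0]
    if count == 0:
        return "zero message count"
    off = 1
    for i in range(count):
        if len(payload) - off < 5:
            return f"message {i}: truncated header"
        _serial, length = struct.unpack_from("<HH", payload, off)
        if length < 1:
            return f"message {i}: zero length (no type byte)"
        if off + 4 + length > len(payload):
            return f"message {i}: length {length} exceeds datagram"
        off += 4 + length
    if off != len(payload):
        return f"{len(payload) - off} trailing bytes"
    return None


class KailleraMonitor:
    """Stateful detector: remember which client addresses completed the
    handshake and alert on any later datagram from them that does not parse."""

    def __init__(self) -> None:
        self.handshaken: set = set()

    def observe(self, dg: Datagram) -> Optional[str]:
        if is_hello(dg.payload):
            self.handshaken.add(dg.src)
            return None
        if dg.src not in self.handshaken:
            return None  # pre-handshake noise is not the pattern the advisory describes
        err = framing_error(dg.payload)
        if err is None:
            return None
        return (f"ALERT {dg.src[0]}:{dg.src[1]} -> {dg.dst[0]}:{dg.dst[1]}: "
                f"malformed Kaillera datagram after handshake ({err})")


# Constructed sample traffic: a normal session, then a client that sends garbage
# right after its greeting. The bad bytes are illustrative, not the known crash input.
SERVER: Addr = ("10.0.0.1", KAILLERA_PORT)
SAMPLE = [
    Datagram(("10.0.0.5", 40000), SERVER, b"\x01\x00\x00\xff\xff\x03"),  # before handshake: ignored
    Datagram(("10.0.0.5", 40000), SERVER, HELLO),
    Datagram(("10.0.0.5", 40000), SERVER, bundle([(0, 0x03, b"player\x00")])),  # well-formed
    Datagram(("10.0.0.9", 41000), SERVER, HELLO),
    Datagram(("10.0.0.9", 41000), SERVER, b"\x01\x00\x00\xff\xff\x03"),  # length 0xffff > datagram
    Datagram(("10.0.0.9", 41000), SERVER, b""),  # empty datagram
]


def run_sample() -> List[str]:
    """Run the monitor over SAMPLE and return the alerts it raises."""
    mon = KailleraMonitor()
    return [a for a in (mon.observe(dg) for dg in SAMPLE) if a]


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The monitor keys its state on the client's source address rather than the server port, so it still matches if the server directs the client to a second port after the greeting. A datagram that fails framing before any greeting is deliberately ignored, since the advisory ties the crash to the post-handshake state; if you want to see every malformed datagram regardless, drop the `handshaken` check.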

Impact

Exploitation of this vulnerability causes the Kaillera server to crash and become unresponsive, disrupting any active game sessions.

Reproduction

The vulnerability can be reproduced by completing the initial HELLO0.83 handshake with a Kaillera server version 0.86 and then sending it a malformed UDP packet. Metasploit ships a module for this specific denial-of-service attack; the module performs the whole sequence, establishing the initial connection and sending the malformed packet that triggers the crash, so no packet crafting by hand is required.

Added: Aug 20, 2025, 4:33 PM
Updated: Aug 20, 2025, 4:33 PM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact          2.5
exploitability  9.1
remediation     0.0
relevance       0.4
threat          9.0
urgency         2.9
incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.