CVE-2003-0325

Maelstrom <= 3.0.6 - Buffer Overflow via Long Server Command Line Argument

Exploitation Summary

EIP tracks 3 public exploits for CVE-2003-0325. PoCs published by ph4nt0m, CMN, Luca Ercoli.

Description

Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.

Exploits (3)

exploitdb WORKING POC VERIFIED
by ph4nt0m · c · local · freebsd
https://www.exploit-db.com/exploits/22614

This exploit targets a buffer overflow vulnerability in Maelstrom for Linux (CVE-2003-0325) by overflowing a buffer with NOP sleds and shellcode. It leverages environment variable manipulation to bypass ASLR and execute arbitrary code, potentially escalating privileges if the binary is setGID.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Maelstrom for Linux (version unspecified)
No auth needed
Prerequisites: Local access to the target system · Maelstrom binary installed · Binary must be setGID for privilege escalation
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by CMN · c · local · freebsd
https://www.exploit-db.com/exploits/22615

This exploit targets a buffer overflow vulnerability in Maelstrom for Linux (CVE-2003-0325). It constructs a malicious payload with NOP sleds and shellcode to execute arbitrary code, specifically spawning a shell via execve syscalls.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Maelstrom v1.4.3 (GPL version 3.0.6) and Maelstrom v1.4.3 (Linux version 3.0.3)
No auth needed
Prerequisites: Local access to the target system · Maelstrom binary installed and executable
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by Luca Ercoli · perl · local · freebsd
https://www.exploit-db.com/exploits/22613

This exploit targets a buffer overflow vulnerability in Maelstrom for Linux (CVE-2003-0325) by overflowing a buffer with NOP sleds, shellcode, and a return address to achieve arbitrary code execution. The shellcode spawns a shell, and the exploit is designed for FreeBSD 4.8-RELEASE.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Maelstrom 3.0.5
No auth needed
Prerequisites: Local access to the target system · Maelstrom installed with setGID permissions
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Mailing list (Bugtraq): http://marc.info/?l=bugtraq&m=105346309123217&w=2
Mailing list (Bugtraq): http://marc.info/?l=bugtraq&m=105337792703887&w=2
Mailing list (Bugtraq): http://marc.info/?l=bugtraq&m=105344501331344&w=2

Scores

EPSS: 0.0105
EPSS Percentile: 59.9%

Details

Status: published
Products (2):
ambrosia_software/maelstrom 3.0.6
ambrosia_software/maelstrom < 3.0.5
Published: Jun 09, 2003
Tracked Since: Feb 18, 2026