CVE-2003-0407

Gnome Batalla Naval 1.0.4 - Remote Code Execution via Long Connection String

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2003-0407. PoCs published by jsk, wsxz.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Batalla Naval game server (CVE-2003-0407) by sending a crafted payload with NOP sleds and shellcode to achieve remote code execution. The shellcode binds a shell to a high port (30464) for reverse connection.

Description

Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.

Exploits (2)

exploitdb WORKING POC VERIFIED

by jsk · cremotelinux

https://www.exploit-db.com/exploits/22659

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Batalla Naval game server (CVE-2003-0407) by sending a crafted payload with NOP sleds and shellcode to achieve remote code execution. The shellcode binds a shell to a high port (30464) for reverse connection.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Batalla Naval game server

No auth needed

Prerequisites: Network access to the vulnerable game server · Game server running on port 1995

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by wsxz · perlremotelinux

https://www.exploit-db.com/exploits/22658

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Gnome Batalla Naval Server v1.0.4. It sends a crafted payload with shellcode to achieve remote code execution by overwriting the return address and GOT entry.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Gnome Batalla Naval Server v1.0.4

No auth needed

Prerequisites: Network access to the target server · Target server running Gnome Batalla Naval Server v1.0.4

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/7699

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105405668423102&w=2

Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/12087.php

Scores

EPSS 0.1635

EPSS Percentile 96.6%

Details

Status published

Products (1)

gnome/batalla_naval 1.0_4

Published Jun 30, 2003

Tracked Since Feb 18, 2026