CVE-2016-9051
published 2017-02-21CVE-2016-9051: An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially…
PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
6.86%
93.2th percentile
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aerospike | database_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
snort↗
41213
- →CVE-2016-9051 (TALOS-2016-0265) is triggered by a specially crafted packet sent to the Aerospike Database Server's listening port targeting the batch transaction field parsing functionality; no authentication required — attacker only needs to connect and send the packet. ↗
- →Monitor for unexpected or malformed batch transaction field packets arriving at the Aerospike service port; the vulnerability is in batch transaction field parsing and results in an out-of-bounds write causing memory corruption. ↗
- ·Snort rule 41213 is specifically associated with CVE-2016-9051 (TALOS-2016-0265); rules 41209 and 41219 cover the other Aerospike CVEs in the same advisory (CVE-2016-9049 and CVE-2016-9053 respectively). Confirm correct rule-to-CVE mapping in your FireSIGHT Management Center or Snort.org before deploying. ↗
- ·Rules are subject to change as additional vulnerability information becomes available; always pull the latest rule version. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
blogs_talos·2017-02-21·CVSS 7.5
[HIGH] Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
## Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
Vulnerabilities discovered by Talos
Talos is releasing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from Denial of Service to potential remote code execution. This software is used by various companies that require a high performance NoSQL database. These issues have been addressed in version 3.11.1.1 of the Aerospike Database software.
The Aerospike Database Server is both a distributed and scalable NoSQL database that is used as a back-end for scalable web applications that need a key-value store. With a focus on performance, it is multi-threaded and retains its indexes entirely in ram with the ability to persist data to a solid-state drive o
Talos
Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
blogs_talos·2017-02-21·CVSS 7.5
[HIGH] Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
Vulnerabilities discovered by Talos
Talos is releasing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from Denial of Service to potential remote code execution. This software is used by various companies that require a high performance NoSQL database. These issues have been addressed in version 3.11.1.1 of the Aerospike Database software.
The Aerospike Database Server is both a distributed and scalable NoSQL database that is used as a back-end for scalable web applications that need a key-value store. With a focus on performance, it is multi-threaded and retains its indexes entirely in ram with the ability to persist data to a solid-state drive or traditional rotational media.
TALOS-2016-0263 (CVE-2016-9049) - Aerospike Database Server
Bugzilla
CVE-2016-3086 hadoop: YARN NodeManager vulnerability
bugzilla·2017-09-06·CVSS 9.8
CVE-2016-3086 [CRITICAL] CVE-2016-3086 hadoop: YARN NodeManager vulnerability
CVE-2016-3086 hadoop: YARN NodeManager vulnerability
The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.
Discussion:
External References:
http://mail-archives.apache.org/mod_mbox/hadoop-general/201701.mbox/%3C0ed32746-5a53-9051-5877-2b1abd88beb6%40apache.org%3E
---
Created hadoop tracking bugs for this issue:
Affects: fedora-25 [bug 1488799]
2017-02-21
Published