CVE-2016-9053
published 2017-02-21CVE-2016-9053: An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially…
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
7.25%
93.6th percentile
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aerospike | database_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
snort↗
41219
- →CVE-2016-9053 (TALOS-2016-0267) is triggered by simply connecting to the Aerospike fabric listening port and sending a specially crafted packet with a malformed RW fabric message particle type field; no authentication is required. ↗
- →Use Snort rule 41219 (and related rules 41209, 41213 for the broader Aerospike vuln set) to detect exploitation attempts against Aerospike Database Server. ↗
- ·Vulnerability was confirmed on Aerospike Database Server 3.10.0.3; patched in version 3.11.1.1. Ensure tested/deployed version is identified before applying detection rules. ↗
- ·Snort rules 41209, 41213, and 41219 cover multiple Aerospike CVEs (CVE-2016-9049, CVE-2016-9051, CVE-2016-9053 respectively); rule 41219 is specifically associated with CVE-2016-9053 based on ordering, but verify rule mapping in FireSIGHT/Snort.org as rules are subject to change. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
blogs_talos·2017-02-21·CVSS 7.5
[HIGH] Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
## Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
Vulnerabilities discovered by Talos
Talos is releasing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from Denial of Service to potential remote code execution. This software is used by various companies that require a high performance NoSQL database. These issues have been addressed in version 3.11.1.1 of the Aerospike Database software.
The Aerospike Database Server is both a distributed and scalable NoSQL database that is used as a back-end for scalable web applications that need a key-value store. With a focus on performance, it is multi-threaded and retains its indexes entirely in ram with the ability to persist data to a solid-state drive o
Talos
Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
blogs_talos·2017-02-21·CVSS 7.5
[HIGH] Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server
Vulnerabilities discovered by Talos
Talos is releasing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from Denial of Service to potential remote code execution. This software is used by various companies that require a high performance NoSQL database. These issues have been addressed in version 3.11.1.1 of the Aerospike Database software.
The Aerospike Database Server is both a distributed and scalable NoSQL database that is used as a back-end for scalable web applications that need a key-value store. With a focus on performance, it is multi-threaded and retains its indexes entirely in ram with the ability to persist data to a solid-state drive or traditional rotational media.
TALOS-2016-0263 (CVE-2016-9049) - Aerospike Database Server
2017-02-21
Published