cbcvebase.
CVE-2016-9053
published 2017-02-21


Priority: P265, critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 7.25% (93.6th percentile)
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability.

Affected

1 range

Vendor | Product | Version range | Fixed in
aerospike | database_server | |

Detection & IOCs (extracted from sources)

Snort: 41219
  • CVE-2016-9053 (TALOS-2016-0267) is triggered by simply connecting to the Aerospike fabric listening port and sending a specially crafted packet with a malformed RW fabric message particle type field; no authentication is required.
  • Use Snort rule 41219 (and related rules 41209, 41213 for the broader Aerospike vuln set) to detect exploitation attempts against Aerospike Database Server.
  • Vulnerability was confirmed on Aerospike Database Server 3.10.0.3; patched in version 3.11.1.1. Ensure tested/deployed version is identified before applying detection rules.
  • Snort rules 41209, 41213, and 41219 cover multiple Aerospike CVEs (CVE-2016-9049, CVE-2016-9051, CVE-2016-9053 respectively); rule 41219 is specifically associated with CVE-2016-9053 based on ordering, but verify rule mapping in FireSIGHT/Snort.org as rules are subject to change.

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P