Aerospike Database Server 3.10.0.3 Batch Transaction Field Parsing Out-of-Bounds Write Vulnerability

Aerospike Database Server 3.10.0.3 Batch Transaction Field Parsing Out-of-Bounds Write Vulnerability

CVE-2016-9051 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability.

Learn more about our Cis Benchmark Audit For Server Software.