CVE-2016-9052

Name of the Vulnerable Software and Affected Versions Aerospike Database Server version 3.10.0.3

Description The issue is related to a stack-based buffer overflow in the querying functionality of the Aerospike Database Server. This occurs in the as sindex simatch by iname function, allowing for remote code execution when a specially crafted packet is sent. An attacker can exploit this by simply connecting to the port and sending the crafted packet.

Recommendations For Aerospike Database Server version 3.10.0.3, consider disabling the as sindex simatch by iname function as a temporary workaround until a patch is available. Restrict access to the affected port to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.