PT-2017-2443 · Aerospike · Aerospike Database Server

Published: 2017-02-21 · Updated: 2022-12-13 · CVE-2016-9053

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Aerospike Database Server version 3.10.0.3
Description: An out-of-bounds indexing vulnerability exists in the handling of the particle type in RW fabric messages. A specially crafted packet can cause the server to fetch a function table from outside the bounds of an array, which may result in remote code execution. An attacker can trigger this simply by connecting to the port. The vulnerability is also described as unverified array indexing in the RW message structure that allows a remote attacker to execute arbitrary code using a specially crafted packet.
Recommendations: For Aerospike Database Server version 3.10.0.3, there is currently no information about a newer version that contains a fix for this vulnerability.
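
The bug class named in the description, shown as an added C example that is not Aerospike's code: a type byte taken from a packet selects a function table, first without and then with validation of the index. Every name, the table layout and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical per-type operations table; all names are illustrative. */
typedef struct {
    int (*size_from_wire)(const uint8_t *val, size_t len);
} particle_ops;

static int int_size(const uint8_t *v, size_t n)  { (void)v; return n == 8 ? 8 : -1; }
static int blob_size(const uint8_t *v, size_t n) { (void)v; return (int)n; }

static const particle_ops int_ops  = { int_size };
static const particle_ops blob_ops = { blob_size };

/* Sparse table indexed by the type byte carried in the message. */
enum { TYPE_INT = 1, TYPE_BLOB = 4, TYPE_COUNT = 5 };
static const particle_ops *const ops_table[TYPE_COUNT] = {
    [TYPE_INT]  = &int_ops,
    [TYPE_BLOB] = &blob_ops,
};

/* Unchecked form (the weakness): a type byte >= TYPE_COUNT reads a pointer
 * from past the end of ops_table and calls through it; an unused slot
 * dereferences NULL. Shown for comparison only, never called here. */
int particle_size_unchecked(const uint8_t *msg, size_t len)
{
    return ops_table[msg[0]]->size_from_wire(msg + 1, len - 1);
}

/* Checked form: reject empty messages, out-of-range types and unused slots
 * before the table entry is used. Returns -1 for any rejected input. */
int particle_size_checked(const uint8_t *msg, size_t len)
{
    if (msg == NULL || len < 1)
        return -1;
    uint8_t type = msg[0];
    if (type >= TYPE_COUNT || ops_table[type] == NULL)
        return -1;
    return ops_table[type]->size_from_wire(msg + 1, len - 1);
}

int main(void)
{
    const uint8_t ok[]  = { TYPE_BLOB, 'a', 'b', 'c' };  /* constructed sample */
    const uint8_t bad[] = { 0xC8, 0, 0, 0 };             /* constructed sample */
    return (particle_size_checked(ok, sizeof ok) == 3 &&
            particle_size_checked(bad, sizeof bad) == -1) ? 0 : 1;
}
```

The range check and the empty-slot check are separate conditions: a sparse table needs both, because an in-range type can still map to no handler.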

Exploit

Weakness Enumeration: Improper Validation of Array Index

Related Identifiers

BDU:2017-01648
CVE-2016-9053

Affected Products

Aerospike Database Server