CVE-2016-9051

Name of the Vulnerable Software and Affected Versions Aerospike Database Server version 3.10.0.3

Description The issue is related to an out-of-bounds write vulnerability in the batch transaction field parsing functionality. This can be triggered by a specially crafted packet, leading to memory corruption and potentially allowing remote code execution. An attacker can exploit this by simply connecting to the port.

Recommendations For Aerospike Database Server version 3.10.0.3, consider restricting access to the batch transaction field parsing functionality until a patch is available. As a temporary workaround, limit connections to the affected port to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.