28 matches found
EUVD-2016-9874
Malware in sbrugna...
EUVD-2016-9870
Malware in sbrugna...
EUVD-2016-9871
Malware in sbrugna...
Aerospike Database Server Client Message Memory Disclosure Vulnerability(CVE-2016-9050)
Summary An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be use...
Aerospike Database Server Client Batch Request Code Execution Vulnerability(CVE-2016-9051)
Summary An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attack...
Aerospike Database Server Fabric-Worker Socket-Loop Denial-of-Service Vulnerability(CVE-2016-9049)
Summary An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this...
Aerospike Database Server RW Fabric Message Particle Type Code Execution Vulnerability(CVE-2016-9053)
Summary An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An...
The vulnerability of the packet transfer function in the Aerospike Database Server of the Oracle Database database management system allows a hacker to execute arbitrary code.
The vulnerability of the packet transfer function in the Aerospike Database Server of the Oracle Database database management system is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code writing beyond the memory bound...
The vulnerability of the RW-message structure in the Aerospike Database Server of the Oracle Database database management system allows a perpetrator to execute arbitrary code.
The vulnerability of the RW-message structure in the Aerospike Database Server of the Oracle Database database management system is related to unvalidated array indexing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code read from beyond the memory limit using a...
CVE-2016-9049
An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability...
Null pointer dereference
An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability...
CVE-2016-9053
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An attacker can...
CVE-2016-9053
CVE-2016-9053 affects Aerospike Database Server 3.10.0.3 via the RW fabric message particle type. A crafted fabric packet can trigger out-of-bounds indexing when decoding particle types: the server reads a type byte, uses it to index particle_vtable, and calls size_from_wire_fn, leading to remote...
CVE-2016-9051
CVE-2016-9051 describes an exploitable out-of-bounds write in Aerospike Database Server 3.10.0.3 during batch transaction field parsing. The bug arises in as_batch_queue_task/as_msg_field handling: a missing bounds check when reading fields (field_sz) and subsequent field traversal can advance be...
Aerospike Database Server Fabric-Worker Socket-Loop Denial-of-Service Vulnerability
Summary An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this...
Aerospike Database Server Client Batch Request Code Execution Vulnerability
Summary An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attack...
PT-2017-9933 · Aerospike · Aerospike Database Server
Name of the Vulnerable Software and Affected Versions: Aerospike Database Server version 3.10.0.3 Description: A denial-of-service issue exists due to a specially crafted packet that can cause the server process to dereference a null pointer. An attacker can trigger this by connecting to a TCP...
Stack overflow
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchbyiname resulting in remote code execution. An attacker can simply...
Stack overflow
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchlistbysetbinid resulting in remote code execution. An attacker can...
CVE-2016-9054
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchlistbysetbinid resulting in remote code execution. An attacker can...