6 matches found
CVE-2016-9050
CVE-2016-9050 affects Aerospike Database Server 3.10.0.3 and is an exploitable out-of-bounds read in the client message-parsing path. The vulnerability arises in the in-memory transaction handling where the server can read beyond a field due to not validating the minimum size of the DIGEST_RIPE f...
CVE-2016-9054
CVE-2016-9054 describes a stack-based buffer overflow in Aerospike Database Server 3.10.0.3, exposed via the querying pathway. The vulnerability occurs in the function as_sindex__simatch_list_by_set_binid when processing a crafted packet that overflows an internal key buffer (setname_binid_typeid...
CVE-2016-9052
CVE-2016-9052 is an exploitable stack-based buffer overflow in Aerospike Database Server 3.10.0.3, triggered during a crafted index query. The vulnerability occurs in as_sindex__simatch_by_iname, which copies an index name into a fixed-size stack buffer (iname[AS_ID_INAME_SZ] = 256) using a lengt...
CVE-2016-9051
CVE-2016-9051 describes an exploitable out-of-bounds write in Aerospike Database Server 3.10.0.3 during batch transaction field parsing. The bug arises in as_batch_queue_task/as_msg_field handling: a missing bounds check when reading fields (field_sz) and subsequent field traversal can advance be...
CVE-2016-9053
CVE-2016-9053 affects Aerospike Database Server 3.10.0.3 via the RW fabric message particle type. A crafted fabric packet can trigger out-of-bounds indexing when decoding particle types: the server reads a type byte, uses it to index particle_vtable, and calls size_from_wire_fn, leading to remote...
CVE-2016-9049
CVE-2016-9049 : A denial-of-service in Aerospike Database Server’s fabric-worker (3.10.0.3) can be triggered by a crafted packet over TCP. The exploit writes to a NULL pointer due to a vulnerable allocation path when handling large message sizes, leading to a crash. A PoC exists and targets port ...