Aerospike NoSQL server DBAs, make sure you’ve rolled out the fixed release Aerospike shipped on February 15, because the vulnerabilities it addresses have now been made public.
Cisco Talos published the three advisories after the fix landed: one denial-of-service bug and two code-execution bugs, all triggered by sending crafted packets to the server.
In the DoS bug, CVE-2016-9049, a crafted packet makes the server process dereference a null pointer and crash.
In CVE-2016-9051, a crafted packet sent to a listening port triggers “an out-of-bounds write which causes memory corruption that can lead to remote code execution”.
CVE-2016-9053 is triggered the same way, via an “out-of-bounds indexing vulnerability in the RW fabric message particle type of the Aerospike Database Server”: the crafted packet supplies a particle type that indexes a function table outside the bounds of its array, so the server fetches a function pointer from memory it never intended to use.
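To make the third bug’s mechanism concrete, here is an added C example. It is not Aerospike’s code and does not reproduce the real fabric message format: the one-byte particle type, the three handlers and the sample packets are all invented for illustration. It shows the pattern the advisory describes, an attacker-controlled type byte indexing a function-pointer table without a range check, next to the hardened form that rejects any type outside the table before indexing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical message: a one-byte particle type followed by a payload.
 * This framing is invented for the example; it is not Aerospike's format. */
typedef struct {
    uint8_t type;
    const uint8_t *payload;
    size_t len;
} msg_t;

typedef int (*particle_handler)(const uint8_t *payload, size_t len);

/* Handlers return 0 for a well-formed payload, -1 for a malformed one. */
static int handle_integer(const uint8_t *p, size_t n) {
    (void)p;
    return n == 8 ? 0 : -1;             /* fixed-width 64-bit integer */
}
static int handle_string(const uint8_t *p, size_t n) {
    return (n > 0 && memchr(p, '\0', n) == NULL) ? 0 : -1;  /* no embedded NUL */
}
static int handle_blob(const uint8_t *p, size_t n) {
    (void)p; (void)n;
    return 0;                           /* opaque bytes, any length */
}

static const particle_handler handlers[] = { handle_integer, handle_string, handle_blob };
#define N_HANDLERS (sizeof handlers / sizeof handlers[0])

/* Vulnerable pattern: the attacker-controlled type byte indexes the table
 * with no range check. Any type >= N_HANDLERS reads a "function pointer"
 * from whatever memory follows the array and calls it: undefined behaviour,
 * and the route from out-of-bounds indexing to code execution.
 * Kept for contrast only; nothing in this file calls it. */
int dispatch_unchecked(const msg_t *m) {
    return handlers[m->type](m->payload, m->len);
}

/* Hardened form: validate the index against the table size first. */
static int dispatch_checked(const msg_t *m) {
    if ((size_t)m->type >= N_HANDLERS)
        return -2;                      /* unknown particle type: reject */
    return handlers[m->type](m->payload, m->len);
}

/* Parse a packet: byte 0 is the particle type, the rest is the payload. */
static int parse_msg(const uint8_t *buf, size_t len, msg_t *out) {
    if (buf == NULL || len < 1)
        return -1;
    out->type = buf[0];
    out->payload = buf + 1;
    out->len = len - 1;
    return 0;
}

/* Per-packet entry point: -3 unparseable, -2 bad type,
 * -1 malformed payload, 0 accepted. */
int process_packet(const uint8_t *buf, size_t len) {
    msg_t m;
    if (parse_msg(buf, len, &m) != 0)
        return -3;
    return dispatch_checked(&m);
}

/* Constructed sample packets (not captured traffic). */
const uint8_t pkt_int_ok[]  = {0x00, 0, 0, 0, 0, 0, 0, 0, 42};
const uint8_t pkt_int_bad[] = {0x00, 42};
const uint8_t pkt_str[]     = {0x01, 'b', 'i', 'n'};
const uint8_t pkt_blob[]    = {0x02};
const uint8_t pkt_oob[]     = {0xff, 1, 2, 3};   /* type far beyond the table */

int main(void) {
    printf("int ok   -> %d\n", process_packet(pkt_int_ok,  sizeof pkt_int_ok));
    printf("int bad  -> %d\n", process_packet(pkt_int_bad, sizeof pkt_int_bad));
    printf("string   -> %d\n", process_packet(pkt_str,     sizeof pkt_str));
    printf("blob     -> %d\n", process_packet(pkt_blob,    sizeof pkt_blob));
    printf("type 255 -> %d\n", process_packet(pkt_oob,     sizeof pkt_oob));
    return 0;
}
```

The check in `dispatch_checked` is the whole fix: the table index must be compared against the table length, not trusted because it arrived in a field named "type". With it in place, `pkt_oob` is dropped with `-2`; without it, the same packet would read past the end of `handlers`.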
Aerospike released the updated version on February 15. ®
Source: SANS ISC SecNewsFeed @ February 21, 2017 at 08:27PM