4 matches found
Debian DSA-5413-1 : sniproxy - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5413 advisory. An issue has been found in sniproxy, a transparent TLS and HTTP layer 4 proxy with SNI support. Due to bad handling of wildcard backend hosts, a crafted HTTP or TLS packet...
Updated sniproxy packages fix security vulnerability
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability. CVE-2023-25076...
UBUNTU-CVE-2023-25076
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch commit: 822bb80df9b7b345cc9eba55df74a07b498819ba. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to...
Vulnerability Spotlight: SNIProxy contains remote code execution vulnerability
Keane OKelley of Cisco ASIG discovered this vulnerability. Cisco ASIG recently discovered a remote code execution vulnerability in the SNIProxy open-source tool that occurs when the user utilizes wildcard backend hosts. SNIProxy proxies incoming HTTP and TLS connections based on the hostname...