Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2023/05/27 12:0 a.m.22 views

Debian DSA-5413-1 : sniproxy - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5413 advisory. An issue has been found in sniproxy, a transparent TLS and HTTP layer 4 proxy with SNI support. Due to bad handling of wildcard backend hosts, a crafted HTTP or TLS packet...

9.8CVSS8.3AI score0.65515EPSS
Exploits1References6
Mageia
Mageia
added 2023/05/21 8:42 a.m.37 views

Updated sniproxy packages fix security vulnerability

A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability. CVE-2023-25076...

9.8CVSS7.9AI score0.65515EPSS
Exploits1References2
OSV
OSV
added 2023/03/30 3:15 p.m.2 views

UBUNTU-CVE-2023-25076

A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch commit: 822bb80df9b7b345cc9eba55df74a07b498819ba. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to...

9.8CVSS7.8AI score0.65515EPSS
Exploits1References5
Talos Blog
Talos Blog
added 2023/03/30 2:35 p.m.24 views

Vulnerability Spotlight: SNIProxy contains remote code execution vulnerability

Keane OKelley of Cisco ASIG discovered this vulnerability. Cisco ASIG recently discovered a remote code execution vulnerability in the SNIProxy open-source tool that occurs when the user utilizes wildcard backend hosts. SNIProxy proxies incoming HTTP and TLS connections based on the hostname...

9.8AI score0.65515EPSS
Exploits1
Rows per page
Query Builder