Headline
Debian Security Advisory 5413-1
Debian Linux Security Advisory 5413-1 - An issue has been found in sniproxy, a transparent TLS and HTTP layer 4 proxy with SNI support. Due to bad handling of wildcard backend hosts, a crafted HTTP or TLS packet might lead to remote arbitrary code execution.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5413-1 [email protected]://www.debian.org/security/ Thorsten AlteholzMay 26, 2023 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : sniproxyCVE ID : CVE-2023-25076Debian Bug : 1033752An issue has been found in sniproxy, a transparent TLS and HTTP layer 4proxy with SNI support. Due to bad handling of wildcard backend hosts,a crafted HTTP or TLS packet might lead to remote arbitrary codeexecution.For the stable distribution (bullseye), this problem has been fixed inversion 0.6.0-2+deb11u1.We recommend that you upgrade your sniproxy packages.For the detailed security status of sniproxy please refer toits security tracker page at:https://security-tracker.debian.org/tracker/sniproxyFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmRwsRMACgkQO1LKKgqv2VRavQgAuKHflNXCnnu4VYTdqVME/Gkm37TyaxmrIaWliakXlQcz56ZIVBAdbko4mUgqaWBleXcSXRNe/D+9I8ugQUSVzWXNXqOcu9Z+nQzlpHpB+wQR/rMrC97Ep00NLcEELevoz20uDf6ufU+AQixYyfthvncwKcj0TFp4G4VcQboB5CocCVhlXvqEtimch/M117hfKEsD5AJWY04vXicmCqZWrtEjKUSNkZkrRKT/7u4DTkYcYgYsPBKCT0vPGf2XpWEP0bJb7vRyrPq5BnoLXJclF/t6CqD4L9MtBP1gwHPrtJQmgYdjyWm7wKvKAKXINGSUIYDZKOw/3EEkzL2tHOSxng===0CH/-----END PGP SIGNATURE-----
Related news
Ubuntu Security Notice 6148-1 - It was discovered that SNI Proxy did not properly handle wildcard backend hosts. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution.
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP, TLS or DTLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability.
An attacker could exploit this vulnerability by sending a specially crafted HTTP, TLS or DTLS packet to the target machine, potentially causing a denial of service or gaining the ability to execute remote code.