A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability.
References
Configurations
Configuration 1 (hide)
|
History
27 May 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-03-30 15:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-25076
Mitre link : CVE-2023-25076
CVE.ORG link : CVE-2023-25076
JSON object : View
Products Affected
sniproxy_project
- sniproxy
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')