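A buffer overflow vulnerability exists in the handling of wildcard backend hosts in SNIProxy 0.6.0-2 and on the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability. The signature records below target src/address.c (one of them the function new_address) and cite commit f8d9a433fe22ab2fa15c00179048ab02ae23d583 as their source.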
[
{
"id": "CVE-2023-25076-485dc03c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/address.c"
},
"source": "https://github.com/dlundquist/sniproxy/commit/f8d9a433fe22ab2fa15c00179048ab02ae23d583",
"digest": {
"line_hashes": [
"138289543668888041713044531663319349476",
"212909470280196749271392918238573764830",
"263280346834296647149550233130201968128",
"192356876502373812635224961273018974547"
],
"threshold": 0.9
},
"signature_type": "Line"
},
{
"id": "CVE-2023-25076-a3681126",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "new_address",
"file": "src/address.c"
},
"source": "https://github.com/dlundquist/sniproxy/commit/f8d9a433fe22ab2fa15c00179048ab02ae23d583",
"digest": {
"length": 2408.0,
"function_hash": "11457737832399041380681785089784245979"
},
"signature_type": "Function"
}
]