A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability.
{ "vanir_signatures": [ { "id": "CVE-2023-25076-485dc03c", "signature_type": "Line", "target": { "file": "src/address.c" }, "digest": { "line_hashes": [ "138289543668888041713044531663319349476", "212909470280196749271392918238573764830", "263280346834296647149550233130201968128", "192356876502373812635224961273018974547" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/dlundquist/sniproxy/commit/f8d9a433fe22ab2fa15c00179048ab02ae23d583" }, { "id": "CVE-2023-25076-a3681126", "signature_type": "Function", "target": { "file": "src/address.c", "function": "new_address" }, "digest": { "function_hash": "11457737832399041380681785089784245979", "length": 2408.0 }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/dlundquist/sniproxy/commit/f8d9a433fe22ab2fa15c00179048ab02ae23d583" } ] }