HTTP: SNIProxy new_address Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability against SNI Proxy. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the SNI Proxy.
Extended Description
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability.
Affected Products
Sniproxy_project sniproxy
References
CVE: CVE-2023-25076
Short Name
HTTP:CTS:SNIPROXY-STACK-BO
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2023-25076 Overflow SNIProxy Stack new_address
Release Date
09/21/2023
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
Sigpack Version
3635
False Positive
Unknown
Vendors
Sniproxy_project