MGASA-2023-0178 - Updated sniproxy packages fix security vulnerability Publication date: 21 May 2023 URL: https://advisories.mageia.org/MGASA-2023-0178.html Type: security Affected Mageia releases: 8 CVE: A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability. (CVE-2023-25076) References: - https://bugs.mageia.org/show_bug.cgi?id=31879 - https://www.debian.org/lts/security/2023/dla-3406 - https://cve.mitre.org/cgi-bin/cvename.cgi?name= SRPMS: - 8/core/sniproxy-0.6.1-1.mga8
Mageia 2023-0178: sniproxy security update
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy
Summary
A buffer overflow vulnerability exists in the handling of wildcard backend
hosts of SNIProxy. A specially crafted HTTP or TLS packet can lead to
arbitrary code execution. An attacker could send a malicious packet to
trigger this vulnerability. (CVE-2023-25076)
References
- https://bugs.mageia.org/show_bug.cgi?id=31879
- https://www.debian.org/lts/security/2023/dla-3406
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=
Resolution
MGASA-2023-0178 - Updated sniproxy packages fix security vulnerability
SRPMS
- 8/core/sniproxy-0.6.1-1.mga8
Severity
Publication date: 21 May 2023
URL: https://advisories.mageia.org/MGASA-2023-0178.html
Type: security
CVE:
News
HOWTOs
About Us
Powered By
