USN-6148-1: SNI Proxy vulnerability
12 June 2023
SNI Proxy could be made to crash or run programs if it received specially crafted input.
- sniproxy - Transparent TLS and HTTP layer 4 proxy with SNI support
It was discovered that SNI Proxy did not properly handle wildcard backend
hosts. An attacker could possibly use this issue to cause a buffer overflow,
resulting in a denial of service, or arbitrary code execution.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.