Jan. 26, 2023, 10:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null)' command template.

backup buffer buffer overflow command cve failover function network network packet overflow packet parsing policy requests send template trigger vpn vulnerabilities word

Information Security Engineers

@ D. E. Shaw Research | New York City

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Senior Product Delivery Associate - Cybersecurity | CyberOps

@ JPMorgan Chase & Co. | NY, United States

Security Ops Infrastructure Engineer (Remote US):

@ RingCentral | Remote, USA

SOC Analyst-1

@ NTT DATA | Bengaluru, India