exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 3577-1

Debian Security Advisory 3577-1
Posted May 16, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3577-1 - Gustavo Grieco discovered that jansson, a C library for encoding, decoding and manipulating JSON data, did not limit the recursion depth when parsing JSON arrays and objects. This could allow remote attackers to cause a denial of service (crash) via stack exhaustion, using crafted JSON data.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2016-4425
SHA-256 | 35e0db4c71f3007af50999c51a455a7780263187a843797552b6d84891ce2fb6

Debian Security Advisory 3577-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3577-1 security@debian.org
https://www.debian.org/security/ Alessandro Ghedini
May 14, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : jansson
CVE ID : CVE-2016-4425
Debian Bug : 823238

Gustavo Grieco discovered that jansson, a C library for encoding,
decoding and manipulating JSON data, did not limit the recursion depth
when parsing JSON arrays and objects. This could allow remote attackers
to cause a denial of service (crash) via stack exhaustion, using crafted
JSON data.

For the stable distribution (jessie), this problem has been fixed in
version 2.7-1+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 2.7-5.

We recommend that you upgrade your jansson packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJXN1f0AAoJEK+lG9bN5XPL6yMP/0rcvD6Leb575MxsRC1eq5oL
NrwgqJ/x6kE96jHBYYcM8Ra+riJnNCLF1gcbX2vp/xBYbKPR63RvHKLm3J8BEc+j
Hb3m+7joxf+JXkuKaPR51cm7sKQ6rWIKydd87KEXr1Iiam5a5MUfFJpHLkUvihZ9
TQAKSztIJumxlZKdIYH+0A7TghoeczPcioqDfRJ14kE9hwh4d+qnL0r/CYwGS88Q
Zor0Zi4OWhHCU2BPzNLSN1qXRvOTgPRd/+bKrJHxbAY8UCyd7b+BDk9NWX9nkdfZ
AoSYvLtPEQeGI8j0YZ9tzXKHX9E/WSWOrnPn0p1tn9qFvvAJpe/ev4/SooLD1a1O
2MyY77cattsX+LAHAZdsqasOzvd5EuIB9/kiwJ3tSfWjj9o08zjGH8hvp6vGeM+a
EUfZfc7AyW+l6glxJ9n3Njf1w1JjyYW6X2NfPEo47EQLYngtDCHS1E3Qg2ZscEen
DsTKTc2GrYrQqDylfZUTWUD+pVKp1itarYq5pT6Bwfm+Oul7PHnGS+eDW1DexCUk
dBedSuOMm3yiBwDI/bscGUMz8EnAJt8+86IhGa+76DByI7EFA54g7SyYFI4y68Ir
b2FqnRcT17JhMo+P6/5CchnZdYzwVfN9u/tlLX1JKpY0u5f2oQQia56iYdF7rtwg
LP8qraUYeK60btbLYmpO
=pQ8j
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    8 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close