Vulnerabilities > CVE-2017-16875 - Unspecified vulnerability in Teluu Pjsip
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The ioqueue component may issue a double key unregistration after an attacker initiates a socket connection with specific settings and sequences. Such double key unregistration will trigger an integer overflow, which may cause ioqueue backends to reject future key registrations.
Vulnerable Configurations
Nessus
| NASL family | Debian Local Security Checks |
| NASL id | DEBIAN_DSA-4170.NASL |
| description | Multiple vulnerabilities have been discovered in the PJSIP/PJProject multimedia communication which may result in denial of service during the processing of SIP and SDP messages and ioqueue keys. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 108906 |
| published | 2018-04-10 |
| reporter | This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/108906 |
| title | Debian DSA-4170-1 : pjproject - security update |