← back
CVE-2009-2622

CVE-2009-2622

EPSS 56.9%
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/36007http://www.mandriva.com/security/advisories?name=MDVSA-2009:161http://www.mandriva.com/security/advisories?name=MDVSA-2009:178http://www.securityfocus.com/bid/35812http://www.securitytracker.com/id?1022607http://www.squid-cache.org/Advisories/SQUID-2009_2.txthttp://www.squid-cache.org/Versions/v3/3.1/changesets/b9661.patchhttp://www.vupen.com/english/advisories/2009/2013