Your submission was sent successfully! Close

CVE-2009-2622

Published: 28 July 2009

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.

Priority

Medium

Status

Package Release Status
squid3
Launchpad, Ubuntu, Debian
Upstream
Released (3.0.STABLE16-2.1)