Description

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.

Remediation

References

CVE-2009-2622

Related Vulnerabilities

Lighttpd NULL Pointer Dereference Vulnerability (CVE-2022-37797)

Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-42005)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922)

WordPress Plugin Package Quantity Discount Security Bypass (1.1.2)

Severity

Medium

Classification

CVE-2009-2622 CWE-20

Tags

Missing Update Known Vulnerabilities