Description

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.

Remediation

References

CVE-2009-2622

Related Vulnerabilities

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4329)

WordPress Plugin WP Data Access Privilege Escalation (5.3.7)

WordPress Other Vulnerability (CVE-2006-1796)

Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29470)

WordPress Plugin Watu Quiz Cross-Site Scripting (2.4.9)

Severity

Medium

Classification

CVE-2009-2622 CWE-20

Tags

Missing Update Known Vulnerabilities