Description

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.

Remediation

References

CVE-2009-2622

Related Vulnerabilities

WebLogic CVE-2018-3252 Vulnerability (CVE-2018-3252)

WordPress Plugin File Manager Cross-Site Scripting (2.9)

Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-2185)

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14242)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28982)

Severity

Medium

Classification

CVE-2009-2622 CWE-20

Tags

Missing Update Known Vulnerabilities