Squid · Squid · CVE-2009-2621
**Name of the Vulnerable Software and Affected Versions**
Squid versions 3.0 through 3.0.STABLE16
Squid versions 3.1 through 3.1.0.11
**Description**
The issue does not properly enforce buffer limits and related bound checks, allowing remote attackers to cause a denial of service via an incomplete request or a request with a large header size, related to HttpMsg.cc and client side.cc.
**Recommendations**
For Squid versions 3.0 through 3.0.STABLE16, update to a version outside of this range to resolve the issue.
For Squid versions 3.1 through 3.1.0.11, update to a version outside of this range to resolve the issue.