PT-2009-5022 · Squid · Squid+1

Rob Middleton · Published 2009-07-28 · Updated 2009-08-12 · CVE-2009-2622

CVSS v2.0: 5.0 Medium

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Squid versions 3.0 through 3.0.STABLE16
Squid versions 3.1 through 3.1.0.11

Description

The issue allows remote attackers to cause a denial of service via malformed requests, including missing or mismatched protocol identifiers, missing or negative status values, missing versions, or missing or invalid status numbers. This is related to the HttpMsg.cc and HttpReply.cc components.

Recommendations

For Squid versions 3.0 through 3.0.STABLE16, update to a version later than 3.0.STABLE16 to resolve the issue.
For Squid versions 3.1 through 3.1.0.11, update to a version later than 3.1.0.11 to resolve the issue.

Fix

DoS

RCE


Weakness Enumeration

Related Identifiers

CVE-2009-2622
DSA-1843-1
DSA-1843-2

Affected Products

Squid
Squid Cache