CVE-2009-2622 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-2622 Interim 1 9 2022-10-15T18:15:42Z current 2021-05-30T12:47:48Z 2022-10-15T18:15:42Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-2622 Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server for SAP Applications 11 squid-2.7.STABLE5-2.4.1 squid-2.7.STABLE5-2.4.1 as a component of SUSE Linux Enterprise Server 11 squid-2.7.STABLE5-2.4.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc. CVE-2009-2622 SUSE Linux Enterprise Server 11:squid-2.7.STABLE5-2.4.1 SUSE Linux Enterprise Server for SAP Applications 11:squid-2.7.STABLE5-2.4.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P