CVE-2009-0478
Squid <3.1.0.4 - DoS
Title source: llmDescription
Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Praveen Darshanam · perldosmultiple
https://www.exploit-db.com/exploits/8021
References (12)
Scores
EPSS
0.7705
EPSS Percentile
99.0%
Details
CWE
CWE-20
Status
published
Products (22)
squid/squid
2.7.stable1
squid/squid
2.7.stable2
squid/squid
2.7.stable3
squid/squid
2.7.stable4
squid/squid
2.7.stable5
squid/squid
3.0.stable1
squid/squid
3.0.stable2
squid/squid
3.0.stable3
squid/squid
3.0.stable4
squid/squid
3.0.stable5
... and 12 more
Published
Feb 08, 2009
Tracked Since
Feb 18, 2026