Intrusion PreventionSquid.HTTP.Invalid.Version.DoS
Description
This indicates an attack attempt against a denial-of-service (DoS) vulnerability in Squid.
The vulnerability is caused by an error when the vulnerable software handles an invalid HTTP version field. It allows a remote attacker to cause DoS via sending a crafted HTTP request.
Affected Products
Squid Web Proxy Cache 3.1 4
Squid Web Proxy Cache 3.0
Squid Web Proxy Cache 3.1
Squid Web Proxy Cache 3.0.STABLE7
Squid Web Proxy Cache 3.0.STABLE6
Squid Web Proxy Cache 3.0.STABLE5
Squid Web Proxy Cache 3.0.STABLE4
Squid Web Proxy Cache 3.0.STABLE3
Squid Web Proxy Cache 3.0.STABLE2
Squid Web Proxy Cache 3.0.STABLE12
Squid Web Proxy Cache 3.0.STABLE1
Squid Web Proxy Cache 2.7.STABLE5
Squid Web Proxy Cache 2.7
Impact
Denial of Service: Remote attackers can stop the vulnerable application.
Recommended Actions
Upgrade to Squid version 2.7.STABLE6, 3.0.STABLE13, or 3.1.0.5 :
http://www.squid-cache.org/Download/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-04-18 | 27.771 | Sig Added |
| ID | 17246 |
| Created | Apr 21, 2009 |
| Updated | Apr 18, 2024 |
| Risk |
|
| CVE ID | CVE-2009-0478 |
| Exploit Prediction Score | 95.14% |
| Default Action | drop |
| Active | |
| Affected OS | Linux, BSD, Solaris, Other |
| Affected App | Other |