Intrusion PreventionSquid.Web.Proxy.HTTP.Version.Number.DoS
Description
This indicates an attack attempt against a remote Denial of Service vulnerability in Squid Web Proxy.
The vulnerability may allow an attacker to cause a DoS by sending a specially crafted HTTP request to the vulnerable software. This is possible because of an assertion error when processing malformed HTTP version numbers.
Affected Products
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Squid Web Proxy Cache 3.1 .4
Squid Web Proxy Cache 3.0
Squid Web Proxy Cache 3.1
Squid Web Proxy Cache 3.0.STABLE7
Squid Web Proxy Cache 3.0.STABLE6
Squid Web Proxy Cache 3.0.STABLE5
Squid Web Proxy Cache 3.0.STABLE4
Squid Web Proxy Cache 3.0.STABLE3
Squid Web Proxy Cache 3.0.STABLE2
Squid Web Proxy Cache 3.0.STABLE12
Squid Web Proxy Cache 3.0.STABLE1
Squid Web Proxy Cache 2.7.STABLE5
Squid Web Proxy Cache 2.7
S.u.S.E. openSUSE 11.1
Red Hat Fedora 9
MandrakeSoft Linux Mandrake 2009.0 x86_64
MandrakeSoft Linux Mandrake 2009.0
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 2008.1
Gentoo Linux
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 armel
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the web site.
MandrakeSoft Linux Mandrake 2008.1 x86_64
Mandriva squid-cachemgr-3.0-1.1mdv2008.1.x86_64.rpm
Mandriva squid-3.0-1.1mdv2008.1.x86_64.rpm
Debian Linux 4.0 arm
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian squid3-client_3.0.PRE5-5+etch1_arm.deb
Debian squid3-cgi_3.0.PRE5-5+etch1_arm.deb
Debian squid3_3.0.PRE5-5+etch1_arm.deb
MandrakeSoft Linux Mandrake 2008.1
Mandriva squid-3.0-1.1mdv2008.1.i586.rpm
Mandriva squid-cachemgr-3.0-1.1mdv2008.1.i586.rpm
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu squid_2.7.STABLE3-1ubuntu2.1_powerpc.deb
Ubuntu squid-cgi_2.7.STABLE3-1ubuntu2.1_powerpc.deb
Debian Linux 4.0 powerpc
Debian squid3_3.0.PRE5-5+etch1_powerpc.deb
Debian squid3-cgi_3.0.PRE5-5+etch1_powerpc.deb
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian squid3-client_3.0.PRE5-5+etch1_powerpc.deb
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu squid-cgi_2.7.STABLE3-1ubuntu2.1_i386.deb
Ubuntu squid_2.7.STABLE3-1ubuntu2.1_i386.deb
Debian Linux 4.0 m68k
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu squid_2.7.STABLE3-1ubuntu2.1_lpia.deb
Ubuntu squid-cgi_2.7.STABLE3-1ubuntu2.1_lpia.deb
Debian Linux 4.0 amd64
Debian squid3-cgi_3.0.PRE5-5+etch1_amd64.deb
Debian squid3-client_3.0.PRE5-5+etch1_amd64.deb
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian squid3_3.0.PRE5-5+etch1_amd64.deb
Debian Linux 4.0 ia-32
Debian squid3-cgi_3.0.PRE5-5+etch1_i386.deb
Debian squid3-client_3.0.PRE5-5+etch1_i386.deb
Debian squid3_3.0.PRE5-5+etch1_i386.deb
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian Linux 4.0 hppa
Debian squid3-cgi_3.0.PRE5-5+etch1_hppa.deb
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian squid3_3.0.PRE5-5+etch1_hppa.deb
Debian squid3-client_3.0.PRE5-5+etch1_hppa.deb
Debian Linux 4.0 sparc
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian Linux 4.0 s/390
Debian squid3-client_3.0.PRE5-5+etch1_s390.deb
Debian squid3-cgi_3.0.PRE5-5+etch1_s390.deb
Debian squid3_3.0.PRE5-5+etch1_s390.deb
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu squid-cgi_2.7.STABLE3-1ubuntu2.1_sparc.deb
Ubuntu squid_2.7.STABLE3-1ubuntu2.1_sparc.deb
MandrakeSoft Linux Mandrake 2009.0
Mandriva squid-cachemgr-3.0-8.1mdv2009.0.i586.rpm
Mandriva squid-3.0-8.1mdv2009.0.i586.rpm
Debian Linux 4.0 alpha
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian squid3-cgi_3.0.PRE5-5+etch1_alpha.deb
Debian squid3-client_3.0.PRE5-5+etch1_alpha.deb
Debian squid3_3.0.PRE5-5+etch1_alpha.deb
Debian Linux 4.0 armel
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian Linux 4.0
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
MandrakeSoft Linux Mandrake 2009.0 x86_64
Mandriva squid-3.0-8.1mdv2009.0.x86_64.rpm
Mandriva squid-cachemgr-3.0-8.1mdv2009.0.x86_64.rpm
Debian Linux 4.0 mipsel
Debian squid3-client_3.0.PRE5-5+etch1_mipsel.deb
Debian squid3_3.0.PRE5-5+etch1_mipsel.deb
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian squid3-cgi_3.0.PRE5-5+etch1_mipsel.deb
Ubuntu Ubuntu Linux 8.10 amd64
Ubuntu squid_2.7.STABLE3-1ubuntu2.1_amd64.deb
Ubuntu squid-cgi_2.7.STABLE3-1ubuntu2.1_amd64.deb
Debian Linux 4.0 ia-64
Debian squid3-cgi_3.0.PRE5-5+etch1_ia64.deb
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Debian squid3_3.0.PRE5-5+etch1_ia64.deb
Debian squid3-client_3.0.PRE5-5+etch1_ia64.deb
Debian Linux 4.0 mips
Debian squid3-common_3.0.PRE5-5+etch1_all.deb
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 27484 |
| Created | Feb 15, 2012 |
| Updated | Apr 17, 2024 |
| Risk |
|
| CVE ID | CVE-2009-0478 |
| Exploit Prediction Score | 95.14% |
| Default Action | pass |
| Active | |
| Affected OS | Linux |
| Affected App | Other |