Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-0478

Опубликовано: 08 фев. 2009
Источник: nvd
CVSS2: 5
EPSS Высокий

Описание

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:squid:squid:2.7.stable1:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:2.7.stable2:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:2.7.stable3:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:2.7.stable4:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:2.7.stable5:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable1:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable2:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable3:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable4:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable5:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable6:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable7:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable8:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable9:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable10:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable11:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.0.stable12:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.1:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:3.1.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.77407
Высокий

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2009-0478

ubuntu
почти 17 лет назад

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.

redhat логотип

CVE-2009-0478

redhat
почти 17 лет назад

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.

debian логотип

CVE-2009-0478

debian
почти 17 лет назад

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allo ...

github логотип

GHSA-cfw6-qxff-576v

github
больше 3 лет назад

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.

EPSS

Процентиль: 99%
0.77407
Высокий

5 Medium

CVSS2

Дефекты

CWE-20