CVE-2009-0478SUSE CVEsecurity@suse.deSUSE Security TeamSUSE CVE-2009-0478Interim112024-10-03T02:41:58Zcurrent2024-10-03T02:41:58Z2024-10-03T02:41:58Zcve-database/bin/generate-cvrf-cve.pl2020-12-27T01:00:00ZCVE-2009-0478Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IOHF3XMVGZGF7VSMUC3CQB3ZBKRU3DLE/#IOHF3XMVGZGF7VSMUC3CQB3ZBKRU3DLEE-Mail link for SUSE-SR:2009:005https://www.suse.com/support/security/rating/SUSE Security RatingsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP4squid-2.7.STABLE5-2.10.1squid-2.7.STABLE5-2.12.12.1squid-2.7.STABLE5-2.12.16.1squid-2.7.STABLE5-2.4.1squid-2.7.STABLE5-2.4.1 as a component of SUSE Linux Enterprise Server 11 SP1squid-2.7.STABLE5-2.10.1 as a component of SUSE Linux Enterprise Server 11 SP2squid-2.7.STABLE5-2.12.12.1 as a component of SUSE Linux Enterprise Server 11 SP3squid-2.7.STABLE5-2.12.16.1 as a component of SUSE Linux Enterprise Server 11 SP4Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.CVE-2009-0478SUSE Linux Enterprise Server 11 SP1:squid-2.7.STABLE5-2.4.1SUSE Linux Enterprise Server 11 SP2:squid-2.7.STABLE5-2.10.1SUSE Linux Enterprise Server 11 SP3:squid-2.7.STABLE5-2.12.12.1SUSE Linux Enterprise Server 11 SP4:squid-2.7.STABLE5-2.12.16.1moderate5AV:N/AC:L/Au:N/C:N/I:N/A:P