1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
Candidate: CVE-2009-2621
PublicDate: 2009-07-28
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2621
Description:
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly
enforce "buffer limits and related bound checks," which allows remote
attackers to cause a denial of service via (1) an incomplete request or (2)
a request with a large header size, related to (a) HttpMsg.cc and (b)
client_side.cc.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_squid3:
upstream_squid3: released (3.0.STABLE16-2.1)
dapper_squid3: DNE
hardy_squid3: ignored (reached end-of-life)
intrepid_squid3: needed (reached end-of-life)
jaunty_squid3: released (3.0.STABLE8-3+lenny2build0.9.04.1)
karmic_squid3: not-affected
lucid_squid3: not-affected
maverick_squid3: not-affected
natty_squid3: not-affected
oneiric_squid3: not-affected
devel_squid3: not-affected
|