Signature Detail

HTTP: Invalid HTTP Version (2)

This signature detects invalid HTTP versions sent by clients. Some servers do not properly handle such requests, which can cause a Denial of Service (DoS) of the server.

Extended Description

Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain HTTP requests. Successfully exploiting this issue allows remote attackers to crash the affected application, denying further service to legitimate users. This issue affects versions prior to Squid 2.7.STABLE5, Squid 3.0.STABLE12, and Squid 3.1.0.4.

Affected Products

• Debian Linux 4.0
• Debian Linux 4.0 Alpha
• Debian Linux 4.0 Amd64
• Debian Linux 4.0 Arm
• Debian Linux 4.0 Armel
• Debian Linux 4.0 Hppa
• Debian Linux 4.0 Ia-32
• Debian Linux 4.0 Ia-64
• Debian Linux 4.0 M68k
• Debian Linux 4.0 Mips
• Debian Linux 4.0 Mipsel
• Debian Linux 4.0 Powerpc
• Debian Linux 4.0 S/390
• Debian Linux 4.0 Sparc
• Gentoo Linux
• Mandriva Linux Mandrake 2008.1
• Mandriva Linux Mandrake 2008.1 X86 64
• Mandriva Linux Mandrake 2009.0
• Mandriva Linux Mandrake 2009.0 X86 64
• Red Hat Fedora 9
• Squid Web Proxy Cache 2.7
• Squid Web Proxy Cache 2.7.STABLE5
• Squid Web Proxy Cache 3.0.0
• Squid Web Proxy Cache 3.0.STABLE1
• Squid Web Proxy Cache 3.0.STABLE12
• Squid Web Proxy Cache 3.0.STABLE2
• Squid Web Proxy Cache 3.0.STABLE3
• Squid Web Proxy Cache 3.0.STABLE4
• Squid Web Proxy Cache 3.0.STABLE5
• Squid Web Proxy Cache 3.0.STABLE6
• Squid Web Proxy Cache 3.0.STABLE7
• Squid Web Proxy Cache 3.1
• Squid Web Proxy Cache 3.1.0.4
• SuSE openSUSE 11.1
• Ubuntu Ubuntu Linux 8.10 Amd64
• Ubuntu Ubuntu Linux 8.10 I386
• Ubuntu Ubuntu Linux 8.10 Lpia
• Ubuntu Ubuntu Linux 8.10 Powerpc
• Ubuntu Ubuntu Linux 8.10 Sparc

References

• BugTraq: 33604
• CVE: CVE-2009-0478