The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2002-10-05T04:00:00
Updated: 2024-08-08T03:03:49.280Z
Reserved: 2002-08-08T00:00:00
Link: CVE-2002-0839
Vulnrichment
No data.
NVD
Status : Modified
Published: 2002-10-11T04:00:00.000
Modified: 2023-11-07T01:55:54.730
Link: CVE-2002-0839
Redhat