Back to search
CVE-2007-3304
Published: Jun 20, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
28606
third-party-advisory
x_refsource_SECUNIA
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111
x_refsource_MISC
MDKSA-2007:142
vendor-advisory
x_refsource_MANDRIVA
26822
third-party-advisory
x_refsource_SECUNIA
ADV-2007-4305
vdb-entry
x_refsource_VUPEN
ADV-2007-3420
vdb-entry
x_refsource_VUPEN
RHSA-2007:0557
vendor-advisory
x_refsource_REDHAT
38939
vdb-entry
x_refsource_OSVDB
PK52702
vendor-advisory
x_refsource_AIXAPAR
MDKSA-2007:140
vendor-advisory
x_refsource_MANDRIVA
HPSBUX02273
vendor-advisory
x_refsource_HP
25827
third-party-advisory
x_refsource_SECUNIA
25920
third-party-advisory
x_refsource_SECUNIA
26993
third-party-advisory
x_refsource_SECUNIA
28212
third-party-advisory
x_refsource_SECUNIA
http://security.psnc.pl/files/apache_report.pdf
x_refsource_MISC
1018304
vdb-entry
x_refsource_SECTRACK
27563
third-party-advisory
x_refsource_SECUNIA
27732
third-party-advisory
x_refsource_SECUNIA
http://svn.apache.org/viewvc?view=rev&revision=547987
x_refsource_CONFIRM
103179
vendor-advisory
x_refsource_SUNALERT
27209
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:0662
vendor-advisory
x_refsource_REDHAT
26790
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:0556
vendor-advisory
x_refsource_REDHAT
http://httpd.apache.org/security/vulnerabilities_20.html
x_refsource_CONFIRM
SUSE-SA:2007:061
vendor-advisory
x_refsource_SUSE
20070529 Apache httpd vulenrabilities
mailing-list
x_refsource_BUGTRAQ
FEDORA-2007-2214
vendor-advisory
x_refsource_FEDORA
[apache-httpd-dev] 20070622 Re: PID table changes (was Re: svn commit: r547987 - in /httpd/httpd/trunk)
mailing-list
x_refsource_MLIST
26759
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3494
vdb-entry
x_refsource_VUPEN
PK50467
vendor-advisory
x_refsource_AIXAPAR
2007-0026
vendor-advisory
x_refsource_TRUSTIX
RHSA-2007:0532
vendor-advisory
x_refsource_REDHAT
http://httpd.apache.org/security/vulnerabilities_22.html
x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-1710
x_refsource_CONFIRM
[apache-httpd-dev] 20070629 Re: [PATCH] pid safety checks for 2.2.x
mailing-list
x_refsource_MLIST
20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
mailing-list
x_refsource_BUGTRAQ
2814
third-party-advisory
x_refsource_SREASON
oval:org.mitre.oval:def:11589
vdb-entry
signature
x_refsource_OVAL
27121
third-party-advisory
x_refsource_SECUNIA
20070619 Apache Prefork MPM vulnerabilities - Report
mailing-list
x_refsource_BUGTRAQ
ADV-2008-0233
vdb-entry
x_refsource_VUPEN
26211
third-party-advisory
x_refsource_SECUNIA
apache-child-process-dos(35095)
vdb-entry
x_refsource_XF
26443
third-party-advisory
x_refsource_SECUNIA
[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
mailing-list
x_refsource_MLIST
http://httpd.apache.org/security/vulnerabilities_13.html
x_refsource_CONFIRM
GLSA-200711-06
vendor-advisory
x_refsource_GENTOO
28224
third-party-advisory
x_refsource_SECUNIA
200032
vendor-advisory
x_refsource_SUNALERT
25830
third-party-advisory
x_refsource_SECUNIA
24215
vdb-entry
x_refsource_BID
http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm
x_refsource_CONFIRM
USN-499-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2008:0261
vendor-advisory
x_refsource_REDHAT
26508
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
x_refsource_CONFIRM
26842
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3283
vdb-entry
x_refsource_VUPEN
PK53984
vendor-advisory
x_refsource_AIXAPAR
ADV-2007-2727
vdb-entry
x_refsource_VUPEN
26611
third-party-advisory
x_refsource_SECUNIA
26273
third-party-advisory
x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=186219
x_refsource_CONFIRM
ADV-2007-3100
vdb-entry
x_refsource_VUPEN
SSRT071476
vendor-advisory
x_refsource_HP
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now