Описание
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
Ссылки
- Broken Link
- Broken Link
- Broken Link
- Broken LinkPatchVendor Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Broken LinkVendor Advisory
- Broken Link
- Broken Link
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
EPSS
7.2 High
CVSS2
Дефекты
Связанные уязвимости
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x befor ...
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
EPSS
7.2 High
CVSS2