DescriptionThe shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent.pid and parent.last_rtime segments in the scoreboard.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
- SuSE-SA:2002:039, published Thu Oct 31 11:00:00 MET 2002