CVE-2002-0839

Apache HTTP Server 1.3.0-1.3.26 - Denial of Service via Shared Memory Scoreboard Manipulation

Title source: llm
STIX 2.1

Description

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.

References (23)

Core 23
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-188
Mailing List, Third Party Advisory x_refsource_confirm
http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2
Broken Link vendor-advisory x_refsource_engarde
http://www.linuxsecurity.com/advisories/other_advisory-2414.html
Broken Link vendor-advisory x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20021105-01-I
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://online.securityfocus.com/advisories/4617
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-187
Issue Tracking, Mailing List, Third Party Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=130497311408250&w=2
Broken Link, Patch, Vendor Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0012.html
Release Notes, Vendor Advisory x_refsource_confirm
http://www.apacheweek.com/issues/02-10-04
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5884
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-195
Issue Tracking, Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103376585508776&w=2
Broken Link, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10280.php
Broken Link vendor-advisory x_refsource_mandrake
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-068.php
Third Party Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000530
Broken Link mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0254.html
Broken Link mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0195.html

Scores

EPSS 0.0094
EPSS Percentile 57.1%

Details

Status published
Products (3)
apache/http_server 1.3.0 - 1.3.27
debian/debian_linux 2.2
debian/debian_linux 3.0
Published Oct 11, 2002
Tracked Since Feb 18, 2026