Lucene search

[email protected]CVE-2007-3303

HistoryJun 20, 2007 - 10:30 p.m.

CVE-2007-3303

2007-06-2022:30:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-3303

apache

httpd

denial of service

local users

vulnerability

6.6 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.

CPENameOperatorVersion
apache:http_serverapache http servereq2.2.4
apache:http_serverapache http servereq2.0.59

CPE	Name	Operator	Version
apache:http_server	apache http server	eq	2.2.4
apache:http_server	apache http server	eq	2.0.59

References

osvdb.org/37050

security.psnc.pl/files/apache_report.pdf

securityreason.com/securityalert/2814

www.securityfocus.com/archive/1/469899/100/0/threaded

www.securityfocus.com/archive/1/471832/100/0/threaded

www.securityfocus.com/bid/24215

6.6 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2007-3303

debiancve1 prion1 ubuntucve1 nessus3