Apache Httpd < 1.3.39 : Signals to arbitrary processes

2006-05-15T00:00:00
ID HTTPD:B63CF0157386C00B8FF9E943DA8F9A2F
Type httpd
Reporter Apache Team Foundation
Modified 2007-09-07T00:00:00

Description

The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service.