Skip to navigation

CVE Database

CVE-2007-3304

Impact: Moderate
Public: 2007-06-19
Bugzilla: 245111: CVE-2007-3304 httpd scoreboard lack of PID protection

Details

The MITRE CVE dictionary describes this issue as:

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."

Find out more about CVE-2007-3304 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (httpd) RHSA-2007:0557 July 13, 2007
Red Hat Certificate System 7.3 for 4AS RHSA-2010:0602 August 04, 2010
Red Hat Enterprise Linux version 2.1 (apache) RHSA-2007:0532 June 26, 2007
Red Hat Enterprise Linux version 3 (httpd) RHSA-2007:0662 July 13, 2007
Red Hat Enterprise Linux version 4 (httpd) RHSA-2007:0662 July 13, 2007
Red Hat Enterprise Linux version 5 (httpd) RHSA-2007:0556 June 26, 2007
Red Hat Satellite 5.0 (RHEL v.4 AS) RHSA-2008:0261 May 20, 2008
Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS) RHSA-2008:0523 June 30, 2008
Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS) RHSA-2008:0523 June 30, 2008
Red Hat Satellite Proxy v 5.0 (RHEL v.4 AS) RHSA-2008:0263 May 20, 2008
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0524 June 30, 2008
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0524 June 30, 2008

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.