CVE-2002-0839
Description
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
Risk Information
Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.141
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update Apache to version 1.3.24 | Windows |
| Vulnerabilities CVE-2002-0839,CVE-2002-0840,CVE-2002-0843 are fixed in Apache 1.3.2 | Windows |
| Update Apache to version 1.3.24 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234