National Vulnerability Database (NVD) National Vulnerability Database (CVE-2007-3304)

National Cyber-Alert System

Vulnerability Summary for CVE-2007-3304

Original release date:06/20/2007

Last revised:09/05/2008

Source: US-CERT/NIST

Overview

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:4.7 (MEDIUM) (AV:L/AC:M/Au:N/C:N/I:N/A:C) (legend)

Impact Subscore: 6.9

Exploitability Subscore: 3.4

CVSS Version 2 Metrics:

Access Vector: Locally exploitable

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Allows disruption of serviceUnknown

Vendor Statments (disclaimer)

Official Statement from Apache (07/02/2008): Fixed in Apache HTTP Server 2.2.6, 2.0.61, and 1.3.39: http://httpd.apache.org/security/vulnerabilities_22.html http://httpd.apache.org/security/vulnerabilities_20.html http://httpd.apache.org/security/vulnerabilities_13.html

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: CONFIRM

Name: https://issues.rpath.com/browse/RPL-1710

Hyperlink:https://issues.rpath.com/browse/RPL-1710

External Source: UBUNTU

Name: USN-499-1

Hyperlink:http://www.ubuntu.com/usn/usn-499-1

External Source: TRUSTIX

Name: 2007-0026

Hyperlink:http://www.trustix.org/errata/2007/0026/

External Source: SECTRACK

Name: 1018304

Hyperlink:http://www.securitytracker.com/id?1018304

External Source: BID

Name: 24215

Hyperlink:http://www.securityfocus.com/bid/24215

External Source: BUGTRAQ

Name: 20070619 Apache Prefork MPM vulnerabilities - Report

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/471832/100/0/threaded

External Source: BUGTRAQ

Name: 20070529 Apache httpd vulenrabilities

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/469899/100/0/threaded

External Source: REDHAT

Name: RHSA-2007:0662

Hyperlink:http://www.redhat.com/support/errata/RHSA-2007-0662.html

External Source: REDHAT

Name: RHSA-2007:0557

Hyperlink:http://www.redhat.com/support/errata/RHSA-2007-0557.html

External Source: REDHAT

Name: RHSA-2007:0532

Hyperlink:http://www.redhat.com/errata/RHSA-2007-0532.html

External Source: FEDORA

Name: FEDORA-2007-2214

Hyperlink:http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html

External Source: SUSE

Name: SUSE-SA:2007:061

Hyperlink:http://www.novell.com/linux/security/advisories/2007_61_apache2.html

External Source: MANDRIVA

Name: MDKSA-2007:142

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2007:142

External Source: MANDRIVA

Name: MDKSA-2007:140

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2007:140

External Source: VUPEN

Name: ADV-2007-3494

Type: Advisory

Hyperlink:http://www.frsirt.com/english/advisories/2007/3494

External Source: VUPEN

Name: ADV-2007-3420

Type: Advisory

Hyperlink:http://www.frsirt.com/english/advisories/2007/3420

External Source: VUPEN

Name: ADV-2007-3283

Type: Advisory

Hyperlink:http://www.frsirt.com/english/advisories/2007/3283

External Source: VUPEN

Name: ADV-2007-3100

Type: Advisory

Hyperlink:http://www.frsirt.com/english/advisories/2007/3100

External Source: VUPEN

Name: ADV-2007-2727

Type: Advisory

Hyperlink:http://www.frsirt.com/english/advisories/2007/2727

External Source: AIXAPAR

Name: PK50467

Hyperlink:http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only

External Source: AIXAPAR

Name: PK53984

Hyperlink:http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984

External Source: AIXAPAR

Name: PK52702

Hyperlink:http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702

External Source: CONFIRM

Name: http://svn.apache.org/viewvc?view=rev&revision=547987

Hyperlink:http://svn.apache.org/viewvc?view=rev&revision=547987

External Source: CONFIRM

Name: http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm

Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm

External Source: CONFIRM

Name: http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm

Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm

External Source: MISC

Name: http://security.psnc.pl/files/apache_report.pdf

Hyperlink:http://security.psnc.pl/files/apache_report.pdf

External Source: GENTOO

Name: GLSA-200711-06

Hyperlink:http://security.gentoo.org/glsa/glsa-200711-06.xml

External Source: SECUNIA

Name: 26993

Type: Advisory

Hyperlink:http://secunia.com/advisories/26993

External Source: SECUNIA

Name: 26842

Type: Advisory

Hyperlink:http://secunia.com/advisories/26842

External Source: SECUNIA

Name: 26822

Type: Advisory

Hyperlink:http://secunia.com/advisories/26822

External Source: SECUNIA

Name: 26790

Type: Advisory

Hyperlink:http://secunia.com/advisories/26790

External Source: SECUNIA

Name: 26759

Type: Advisory

Hyperlink:http://secunia.com/advisories/26759

External Source: SECUNIA

Name: 26611

Type: Advisory

Hyperlink:http://secunia.com/advisories/26611

External Source: SECUNIA

Name: 26508

Type: Advisory

Hyperlink:http://secunia.com/advisories/26508

External Source: SECUNIA

Name: 26443

Type: Advisory

Hyperlink:http://secunia.com/advisories/26443

External Source: SECUNIA

Name: 26273

Type: Advisory

Hyperlink:http://secunia.com/advisories/26273

External Source: SECUNIA

Name: 26211

Type: Advisory

Hyperlink:http://secunia.com/advisories/26211

External Source: SECUNIA

Name: 25920

Type: Advisory

Hyperlink:http://secunia.com/advisories/25920

External Source: SECUNIA

Name: 25830

Type: Advisory

Hyperlink:http://secunia.com/advisories/25830

External Source: SECUNIA

Name: 25827

Type: Advisory

Hyperlink:http://secunia.com/advisories/25827

External Source: REDHAT

Name: RHSA-2007:0556

Hyperlink:http://rhn.redhat.com/errata/RHSA-2007-0556.html

External Source: MLIST

Name: [apache-httpd-dev] 20070622 Re: PID table changes (was Re: svn commit: r547987 - in /httpd/httpd/trunk)

Hyperlink:http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2

External Source: MLIST

Name: [apache-httpd-dev] 20070629 Re: [PATCH] pid safety checks for 2.2.x

Hyperlink:http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192@redhat.com%3e

External Source: CONFIRM

Name: http://httpd.apache.org/security/vulnerabilities_22.html

Hyperlink:http://httpd.apache.org/security/vulnerabilities_22.html

External Source: CONFIRM

Name: http://httpd.apache.org/security/vulnerabilities_20.html

Hyperlink:http://httpd.apache.org/security/vulnerabilities_20.html

External Source: CONFIRM

Name: http://httpd.apache.org/security/vulnerabilities_13.html

Hyperlink:http://httpd.apache.org/security/vulnerabilities_13.html

External Source: HP

Name: HPSBUX02273

Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588

External Source: MISC

Name: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111

Hyperlink:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111

External Source: CONFIRM

Name: http://bugs.gentoo.org/show_bug.cgi?id=186219

Hyperlink:http://bugs.gentoo.org/show_bug.cgi?id=186219

External Source: SGI

Name: 20070701-01-P

Hyperlink:ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc

External Source: XF

Name: apache-child-process-dos(35095)

Hyperlink:http://xforce.iss.net/xforce/xfdb/35095

External Source: REDHAT

Name: RHSA-2008:0261

Hyperlink:http://www.redhat.com/support/errata/RHSA-2008-0261.html

External Source: CONFIRM

Name: http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html

Hyperlink:http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html

External Source: VUPEN

Name: ADV-2007-4305

Hyperlink:http://www.frsirt.com/english/advisories/2007/4305

External Source: SUNALERT

Name: 200032

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1

External Source: SUNALERT

Name: 103179

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1

External Source: SREASON

Name: 2814

Hyperlink:http://securityreason.com/securityalert/2814

External Source: SECUNIA

Name: 28606

Hyperlink:http://secunia.com/advisories/28606

External Source: SECUNIA

Name: 28224

Hyperlink:http://secunia.com/advisories/28224

External Source: SECUNIA

Name: 28212

Hyperlink:http://secunia.com/advisories/28212

External Source: SECUNIA

Name: 27732

Hyperlink:http://secunia.com/advisories/27732

External Source: SECUNIA

Name: 27563

Hyperlink:http://secunia.com/advisories/27563

External Source: SECUNIA

Name: 27209

Hyperlink:http://secunia.com/advisories/27209

External Source: SECUNIA

Name: 27121

Hyperlink:http://secunia.com/advisories/27121

Vulnerable software and versions

Configuration 1

* cpe:/a:apache:http_server:1.3.37

* cpe:/a:apache:http_server:2.0.59

* cpe:/a:apache:http_server:2.2.4

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Design Error (NVD-CWE-DesignError)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304