Description
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
Remediation
References
Related Vulnerabilities
Moment.js Other Vulnerability (CVE-2022-31129)
WordPress 3.4 Multiple Vulnerabilities (3.4)
CubeCart Improper Authentication Vulnerability (CVE-2014-2341)
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269)
WordPress Plugin Mapplic-Custom Interactive Map Server-Side Request Forgery (6.1)