CVE-2002-0839

Name	CVE-2002-0839
Description	The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-187, DSA-188, DSA-195

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
apache	source	woody	1.3.26-0woody	DSA-187
apache	source	(unstable)	1.3.27-0.1
apache-perl	source	woody	1.3.26-1-1.26-0woody2	DSA-195
apache-perl	source	(unstable)	1.3.26-1.1-1.27-3-1
apache-ssl	source	woody	1.3.26.1+1.48-0woody3	DSA-188