Bug 245117

Summary: CVE-2007-3303 httpd worker DoS
Product: [Other] Security Response Reporter: Mark J. Cox <mjc>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-06-26 12:57:33 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mark J. Cox 2007-06-21 08:56:11 UTC 
"Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users
to cause a denial of service via certain code sequences executed in a worker
process that (1) stop request processing by killing all worker processes and
preventing creation of replacements or (2) hang the system by forcing the master
process to fork an arbitrarily large number of worker processes. NOTE: This
might be an inherent design limitation of Apache with respect to worker
processes in hosted environments."
Comment 1 Joe Orton 2007-06-26 12:56:05 UTC 
In the security model used by Apache httpd, the less-privileged child processes
(running as the "apache" user) completely handle the servicing of new
connections. Any local user who is able to run arbitrary code in those children
is therefore able to prevent new requests from being serviced, by design.  Such
users will also be able to "simulate" server load and force the parent to create
children up to the configured limits, by design.

A server with untrusted local users must be configured to use a solution like
"suexec" if it's required to allow the users to execute CGI (etc) scripts.