Bug 245117 - CVE-2007-3303 httpd worker DoS
CVE-2007-3303 httpd worker DoS
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-06-21 04:56 EDT by Mark J. Cox (Product Security)
Modified: 2007-06-26 08:57 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-26 08:57:33 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mark J. Cox (Product Security) 2007-06-21 04:56:11 EDT
"Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users
to cause a denial of service via certain code sequences executed in a worker
process that (1) stop request processing by killing all worker processes and
preventing creation of replacements or (2) hang the system by forcing the master
process to fork an arbitrarily large number of worker processes. NOTE: This
might be an inherent design limitation of Apache with respect to worker
processes in hosted environments."
Comment 1 Joe Orton 2007-06-26 08:56:05 EDT
In the security model used by Apache httpd, the less-privileged child processes
(running as the "apache" user) completely handle the servicing of new
connections. Any local user who is able to run arbitrary code in those children
is therefore able to prevent new requests from being serviced, by design.  Such
users will also be able to "simulate" server load and force the parent to create
children up to the configured limits, by design.

A server with untrusted local users must be configured to use a solution like
"suexec" if it's required to allow the users to execute CGI (etc) scripts.

Note You need to log in before you can comment on or make changes to this bug.