DEBIAN-CVE-2007-3304

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2007-3304

Published: 20 Jun 2007, 22:30

Last modified:28 Apr 2026, 20:09

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

20 Jun 2007, 22:30

Published

Vulnerability first disclosed

28 Apr 2026, 20:09

Last Modified

Vulnerability information updated

Description

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."

Affected Systems

debian•apache2
< 2.2.4-2 | < 2.2.4-2 | < 2.2.4-2 | < 2.2.4-2

References (1)

https://security-tracker.debian.org/tracker/CVE-2007-3304