Description
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Custom Pages 'url' Parameter Local File Disclosure (0.5.0.1)
WordPress Plugin Service Area Postcode Checker Cross-Site Scripting (2.0.8)
IBM RTC Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2020-4544)
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-1679)