scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Http_server | Apache | 2.0.0 (including) | 2.0.65 (excluding) |
| Http_server | Apache | 2.2.0 (including) | 2.2.22 (excluding) |
| Red Hat Enterprise Linux 5 | RedHat | httpd-0:2.2.3-63.el5_8.1 | * |
| Red Hat Enterprise Linux 6 | RedHat | httpd-0:2.2.15-15.el6_2.1 | * |
| Red Hat JBoss Enterprise Web Server 1 for RHEL 5 | RedHat | httpd-0:2.2.17-15.4.ep5.el5 | * |
| Red Hat JBoss Enterprise Web Server 1 for RHEL 6 | RedHat | httpd-0:2.2.17-15.4.ep5.el6 | * |
| Red Hat JBoss Web Server 1.0 | RedHat | * | |
| Apache2 | Ubuntu | hardy | * |
| Apache2 | Ubuntu | lucid | * |
| Apache2 | Ubuntu | maverick | * |
| Apache2 | Ubuntu | natty | * |
| Apache2 | Ubuntu | oneiric | * |