Bug 150216

Summary: CAN-2005-0596 php readfile() DoS
Product: Red Hat Enterprise Linux 3 Reporter: Josh Bressers <bressers>
Component: phpAssignee: Joe Orton <jorton>
Status: CLOSED NOTABUG QA Contact: David Lawrence <dkl>
Severity: low Docs Contact:
Priority: medium    
Version: 3.0Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=low,public=20040125,source=cve
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-03-03 21:26:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Josh Bressers 2005-03-03 19:59:33 UTC
A bug in the readfile() function of php4 could be used to to crash the httpd
running the php4 code when accessing files with a multiple of the architectures
page size leading to a denial of service.

http://bugs.php.net/bug.php?id=27037&edit=3
http://cvs.php.net/diff.php/php-src/sapi/apache2handler/sapi_apache2.c?r1=1.1.2.24&r2=1.1.2.25&ty=u

Comment 1 Joe Orton 2005-03-03 21:26:58 UTC
We use the apache2filter SAPI in RHEL3, this only affected the
apache2handler in old versions of PHP.

This doesn't affect the version of the apache2handler shipped in
either RHEL4 or any current FC releases either.