Bug 150216 - CAN-2005-0596 php readfile() DoS
CAN-2005-0596 php readfile() DoS
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: php (Show other bugs)
3.0
All Linux
medium Severity low
: ---
: ---
Assigned To: Joe Orton
David Lawrence
impact=low,public=20040125,source=cve
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-03-03 14:59 EST by Josh Bressers
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-03-03 16:26:58 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2005-03-03 14:59:33 EST
A bug in the readfile() function of php4 could be used to to crash the httpd
running the php4 code when accessing files with a multiple of the architectures
page size leading to a denial of service.

http://bugs.php.net/bug.php?id=27037&edit=3
http://cvs.php.net/diff.php/php-src/sapi/apache2handler/sapi_apache2.c?r1=1.1.2.24&r2=1.1.2.25&ty=u
Comment 1 Joe Orton 2005-03-03 16:26:58 EST
We use the apache2filter SAPI in RHEL3, this only affected the
apache2handler in old versions of PHP.

This doesn't affect the version of the apache2handler shipped in
either RHEL4 or any current FC releases either.

Note You need to log in before you can comment on or make changes to this bug.