150216 – CAN-2005-0596 php readfile() DoS

Bug 150216 - CAN-2005-0596 php readfile() DoS

Summary: CAN-2005-0596 php readfile() DoS

Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	php
Sub Component:	(Show other bugs)
Version:	3.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	---
Assignee:	Joe Orton
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:	impact=low,public=20040125,source=cve
Keywords:	Security
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-03-03 19:59 UTC by Josh Bressers
Modified:	2007-11-30 22:07 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2005-03-03 21:26:58 UTC
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Josh Bressers 2005-03-03 19:59:33 UTC

A bug in the readfile() function of php4 could be used to to crash the httpd
running the php4 code when accessing files with a multiple of the architectures
page size leading to a denial of service.

http://bugs.php.net/bug.php?id=27037&edit=3
http://cvs.php.net/diff.php/php-src/sapi/apache2handler/sapi_apache2.c?r1=1.1.2.24&r2=1.1.2.25&ty=u

Comment 1 Joe Orton 2005-03-03 21:26:58 UTC

We use the apache2filter SAPI in RHEL3, this only affected the
apache2handler in old versions of PHP.

This doesn't affect the version of the apache2handler shipped in
either RHEL4 or any current FC releases either.

Note You need to log in before you can comment on or make changes to this bug.