FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

php -- readfile() DoS vulnerability

Affected packages
	mod_php4-twig	<	4.3.5_7
	php4	<	4.3.5_7
	php4-cgi	<	4.3.5_7
	php4-cli	<	4.3.5_7
	php4-dtc	<	4.3.5_7
	php4-horde	<	4.3.5_7
	php4-nms	<	4.3.5_7
	mod_php	<	4.3.5_7,1
	mod_php4	<	4.3.5_7,1

Details

VuXML ID	07f3fe15-a9de-11d9-a788-0001020eed82
Discovery	2004-01-25
Entry	2005-04-10

A SUSE Security advisory reports:

A bug in the readfile() function of php4 could be used to to crash the httpd running the php4 code when accessing files with a multiple of the architectures page size leading to a denial of service.

[source]

References

Bugtraq ID	12665
CVE Name	CVE-2005-0596
URL	http://bugs.php.net/bug.php?id=27037
URL	http://www.novell.com/linux/security/advisories/2005_06_sr.html