php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #12280 $file=fopen("http://".$HTTP_SERVER_VARS["SERVER_NAME"].$PHP_SELF, "r");
Submitted: 2001-07-20 08:36 UTC Modified: 2002-04-23 00:37 UTC
From: forester at vzljot dot ru Assigned:
Status: Not a bug Package: Scripting Engine problem
PHP Version: 4.0.6 OS: linux 2.2.18
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: forester at vzljot dot ru
New email:
PHP Version: OS:

 

 [2001-07-20 08:36 UTC] forester at vzljot dot ru 
$file=fopen("http://".$HTTP_SERVER_VARS["SERVER_NAME"].$PHP_SELF, "r");

DoS in Apache 1.3.20+PHP 4.0.6.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-07-20 11:29 UTC] cynic@php.net 
this is not the only way you can crash PHP - how about recursive functions? I don't think this can/will/should be fixed. -> suspended.
 [2002-04-23 00:37 UTC] sniper@php.net 
bogus is better..there's one suspended already..
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Tue Jul 01 04:01:36 2025 UTC