CVE-2003-1307

Name of the Vulnerable Software and Affected Versions Apache HTTP Server with mod php module (affected versions not specified)

Description The mod php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors. This can be demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. The PHP developer has disputed this issue, stating that it is not a bug in PHP, but rather the responsibility of Apache to protect the file descriptors.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.