icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Apache mod_ssl < 2.8.10 Off-by-one Overflow

Medium

Synopsis

The remote server is running a web server that is affected by a vulnerability

Description

The remote Apache server is running a version of mod_ssl which contains a off-by-one buffer overflow. An attacker with write access to a .htacess file could exploit this bug to execute arbitrary code on this host with the privileges the web server is running.

Solution

Upgrade to mod_ssl 2.8.10 or higher.