Apache.mod_ssl.ssl_util_uuencode_binary.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer overflow vulnerability in Apache mod_ssl.
The "ssl_util_uuencode_binary" function in "ssl_util.c" for Apache mod_ssl has a stack-based buffer overflow vulnerability. A remote attacker can execute arbitrary code on a vulnerable system via a client certificate with a long subject DN.
Affected Products
mod_ssl 2.8.16 and prior.
Impact
System compromise: remote code execution.
Recommended Actions
Upgrade to the latest version, available from the following web site:
http://www.apache.org/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |