Intrusion Prevention

Apache.mod_include.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in the Server Side Includes (SSI) functionality of Apache Web Server.
The vulnerability is caused by an error when the mod_include handles a specially crafted SSI document. It allows a remote attacker to execute arbitrary code.

Affected Products

Apache 1.3.32 and prior

Impact

System compromise

Recommended Actions

Update to the latest versions:
http://www.apache.org/

CVE References

CVE-2004-0940