Apache 'mod_ssl' Log Function Format String Vulnerability

The 'mod_ssl' module is affected by a format-string vulnerability within its logging function. This issue occurs because the application fails to properly implement a formatted-string function.

Successful exploits will most likely allow an attacker to gain control of the execution flow of the affected process and run arbitrary code on the affected computer, but this has not been confirmed.


Privacy Statement
Copyright 2010, SecurityFocus