Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability

According to its version number, the remote version of Apache Web Server is prone to a local buffer-overflow vulnerability that affects a configuration file environment variable. This occurs because the application fails to validate user-supplied string lengths before copying them into finite process buffers. An attacker may leverage this issue to execute arbitrary code on the affected computer with the privileges of the Apache webserver process.
The vendor has released an upgrade. Please see http://www.apache.org/dist/httpd/Announcement2.html for more information.