Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
Although the Configuration utility for F5 Networks products is based on Apache, these products do not provide a way to configure the system to exploit this Apache vulnerability.
Information about this advisory is available at the following location:
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542>